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MCI  WorldCom 
can't  shake 
frame  net  mess 

BY  DAVID  ROHDE 

MCI  WorldCom  CEO 
Bernard  Ebbers  stepped  in 
last  week  to  quell  the  uproar 
over  his  company’s  prolonged 
frame  relay 
crisis  —  and  in 
some  ways 
seemed  to 
make  things 
worse  than 
they  were 
before. 

Users 
mocked 
Ebbers’  “com¬ 
mitment”  to 
customer  ser¬ 
vice,  saying 
they  were  in  the  dark  for  10 
days  until  the  network  was 
fully  restored  last  Monday. 

Many  analysts  weren’t  buy¬ 
ing  Ebbers’  line  that  Lucent 
provided  bum  software  to 
MCI  WorldCom.  And  Lucent 
officials,  while  admitting  the 
outage  began  after  new  soft¬ 
ware  was  loaded  into  its 
switches,  noted  the  very  same 
software  had  been  successful¬ 
ly  loaded  by  other  carriers. 

Perhaps  worst  of  all,  MCI 
WorldCom  officials  conceded 
that  the  final  solution  to  the 
problem  —  removing  the  soft- 
See  MCI  WorldCom,  page  16 


CEO  Ebbers 
tried  to  pla¬ 
cate  unhappy 
frame  users. 


DefagaZ  CYBER" 

ATTACK 

Responding  to  reports  of  cyberterrorist  plots  to  attack  the 
nation's  critical  infrastructures,  President  Clinton  signed  a 
directive  calling  for  private  companies  and  federal  agencies 
such  as  the  FBI  to  mount  a  coordinated  defense.  But  companies 
aren't  keen  on  sharing  security  infqugijjflawith  the  feds. 


New  spec  plugs 
LAN  security  gap 


Vendors  get  behind  Ethernet  authentication  protocol. 


BY  JIM  DUFFY  AND 
JOHN  FONTANA 

A  group  of  vendors  is 
proposing  a  new  standard  to 
help  protect  enterprise  nets 
from  internal  attack. 

The  Extensible  Authentica¬ 
tion  Protocol  Over  Ethernet 
(EAPOE)  is  intended  to  keep 
users  from  improperly  access¬ 
ing  confidential  network 
resources  or  stealing  pass¬ 
words.  3Com,  Cabletron, 
Extreme  Networks,  FORE 
Systems,  Hewlett-Packard  and 
Intel  are  among  those  pitching 
EAPOE  to  the  IEEE.The  propos¬ 
al  defines  how  to  authenticate 
users  on  LANs  inside  a  compa¬ 
ny’s  firewall. 

Authentication  typically 
occurs  when  remote  users  dial 


More 


Online 


Read  up  on  the  lETF's 
proposed  standard  for  EAP 
support  in  RADIUS. 

Download  a  white  paper  that 
details  Microsoft's  r  i  hi n  IT 
support  of  EAP  in  flNN  | 
its  products.  a<nf,ij^ 
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in  to  a  corporate  network  and 
attempt  to  penetrate  a  firewall. 

EAP  is  an  existing  IETF  stan¬ 
dard  that  enables  PPP  links  to 
use  a  range  of  authentication 
protocols  to  identify  and  admit 
users  dialing  in  to  corporate 
See  EAPOE,  page  76 


Internet  start-ups  still  rolling  in  venture  dough 


BY  CAROLYN  DUFFY 
MARSAN 

When  you’re  hot,  you're  hot. 
Venture  capital  investments 


in  Internet 
start-ups 
reached  an  all- 
time  high  in  the 
second  quarter 

of  1999,  with  _ 

funding  nearly  " 

tripling  the  amount  in  the  same 
quarter  last  year,  according  to 
the  lOth-quarterly  Pricewater- 
houseCoopers  study  of  venture 
capital  spending. 

More  than  300  start-ups, 
most  offering  Internet-related 
communications  services,  soft¬ 
ware  and  hardware,  received 
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just  over  $3  bil¬ 
lion  in  funding, 
with  the  aver¬ 
age  investment 
around  $10  mil- 

_  lion.  This  sector 

"  represented 

about  40%  of  the  total  venture 
capital  investment  in  the  U.S. 
during  the  second  quarter. 
Altogether,  venture  capitalists 
pumped  $7.67  billion  into 
about  1,000  U.S.  companies,  up 
from  $4.31  billion  in  the  first 
quarter  of  1999. 

See  Start-ups,  page  77 


Venture  capitalists  still  nuts 
about  'Net  companies 

In  just  the  first  half  of  this  year, 
more  venture  capital  funding  was 
poured  into  Internet  start-ups  than 
in  all  of  1998. 
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Increase  productivity  and  lower  training  and  support  costs  due  to  your  users’  familiarity  with  Office 
Lower  maintenance  costs  through  single  deployment  and  configuration  to  your  users’  desktops. 
Maintain  a  single,  reliable,  secure  infrastructure  for  both  messaging  and  collaboration. 


Now  with  Exchange  Server  5.5  and  Office 
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Users  need  the 
power  to  collaborate, 

Nit  to  leap  tall  buildings 

in  a  single  bound. 

Microsoft  Exchange  Server  5.5.  Superhuman  powers  not  required. 

Now  your  users  don’t  have  to  be  superhuman  just  to  be  able  to  work  effectively  as  a  team. 
Because  Microsoft®  Exchange  Server  5.5  expands  the  team  collaboration  capabilities  of 
Microsoft  Office  2000  to  the  enterprise.  Giving  powerful  collaboration  functionality  like 
workgroup  scheduling,  discussions,  and  document  tracking  to  the  whole  company.  Exchange 
also  gives  you  the  added  benefits  of  enterprise-level 
manageability  and  reliability.  And  since  your  users  already 
know  how  to  use  Office  desktop  applications,  collaborating 
throughout  the  enterprise  is  a  simple  step,  not  a  giant  leap. 

to  ydUfeenterprise:  www.microsoft.com/exchange/ 
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New  Directions 
in  Recovery  and 
Storage 
Management. 


Resolve. 

Risk  is  a  part  of  today’s  highly  competitive  business  environment. 

You  have  to  rely  on  skill,  training  and  superb  technology  to 
overcome  it. 

To  reach  the  top,  you  need  RESOLVE®  —  the  world’s  most  reliable 
Recovery  and  Storage  Management  solutions  from  a  new,  dedicated 
business  unit  of  BMC  Software. 

RESOLVE  keeps  you  securely  on  the  leading  edge  of  business  — 
ensuring  24x7  continuity  by  safeguarding  and  managing  your  critical 
data  and  storage  resources. 

Global  1000  firms  are  already  depending  on  the  proven  technologies 
that  make  up  the  RESOLVE  family  of  products,  including: 
►Recovery  management  solutions  for  OS/390,  Unix  and 
Windows  NT 

►Recovery  solutions  for  DB2*,  IMS,  Informix,  Oracle, 
SQL-Server,  Sybase  and  VS  AM 
►Storage  management  solutions  for  AS/400,  NetWare, 

OS/ 390,  Unix  and  Windows  NT 

Let  us  show  you  how  RESOLVE  by  BMC  Software  can  help  you  climb 
ahead  of  the  competition.  Visit  us  on  the  Web  or  call  today. 


8 oo  408  4810  |  www.bmc.com/resolve 
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Free  Product  info  enter  NWInfoXpress  #60  online  @  www.networkworld.com/infoxpress 


Assuring  Business  Availability  ™ 


THIS  WEEK 
ONLINE 


ESSSfl  Keeping  Current. 

j  Web  usage  is  at  an 
l*j  all-time  high,  but  Fred 
J  McClimans  says  it's 
^  tm  not  enough.  The 
health  of  the  Web  depends  on 
how  much  it  is  used.  He  says  we 
are  far  from  reaching  a  saturation 
point.  So  do  your  part,  and  head 
online  to  read  his  column. 
DocFinder:  4333 

Vendor  Web  sites.  Ever  go  to  a 
company's  Web  site  and  get  so 
frustrated  with  the  design  and 
content  you  forgot  why  you  were 
there  in  the  first  place? 

Well  here's  your  chance  to  tell  us 
which  network  vendor  Web  site 
passes  muster  with  you.  Fill  out 
our  poll,  then  watch  for  the  results 
in  our  inaugural  Best  Issue,  a 
Signature  Series  supplement  com¬ 
ing  this  fall.  DocFinder:  4130 

Casting  a  wider  net. 

The  options  are  get¬ 
ting  a  little  slim  for 
employers  looking 
for  good  help.  This 
means  companies  are  going  to 
have  to  widen  their  searches  and 
be  willing  to  either  train  new 
employees  or  retrain  the  ones 
they've  got.  Features  Managing 
Editor  Amy  Schurr  offers  up  some 
suggestions  in  this  week's  Water 
Cooler.  DocFinder:  4334 

GroupWise  vs.  Exchange.  A  read¬ 
er  is  having  difficulty  choosing 
between  the  two  messaging  pack¬ 
ages  for  his  network.  He  wants  to 
go  with  Novell's  offering  but  says 
his  clients  are  using  Microsoft's 
Outlook.  Which  would  you  recom¬ 
mend?  DocFinder:  4335 

When  good  products  fail. 

Know  any  technically  superior 
network  products  or  services  that 
failed  because  of  poor  marketing 
or  timing?  Let  us  know. 

DocFinder:  4337 


How  to  get  onto 
Network  World  Fusion 

Click  on  Register  on  the  home  page 
and  follow  the  instructions. 
Subscribers,  keep  your  NWF  number 
—  highlighted  on  the  front  cover's 
mailing  label  —  handy  during 
registration.  Nonsubscribers 
must  fill  out  an  online 
registration  form. 
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'You're  a  mean  one,  Mr.  Win32.Kriz' 

Ixroks  like  Christmas  Day  could  bring  an 
especially  nasty  grinch  to  corporate  Windows 
9X  and  NT  desktops.  On  Dec.  25, 
the  Win32. Kriz  virus  will  destroy  the 
Flash  BIOS  of  any  infected  PC.  The  virus  will 
use  the  same  routine 
found  in  the 

notorious  Cher- 
nobyl  virus,  i 

Users  will  be 
left  with  com¬ 
puters  that  will 
not  boot  prop¬ 
erly. 

The  virus,  which 
embeds  itself  in 
memory  and  attempts  to 
infect  any  opened  file,  also  kills 
CMOS  memory  —  used  to  store 
computer  setup  configuration  —  and 
overwrites  data  in  all  files  on  all  avail¬ 
able  drives,  including  network-attached 
drives. 

Justice  Department  wants  more  cyber- 
snooping  tools 

The  U.  S.  Department  of  Justice  is  final¬ 
izing  a  legislative  proposal  that  would  give 
law  enforcement  greater  legal  powers  to 
obtain  a  suspect’s  encrypted  data.  Under 
the  Cyberspace  Electronic  Security  Act  of 
1999,  law  enforcement  would  be  able  to 
request  that  service  providers  cooperate 
in  allowing  authorities  to  secretly  plant  a 
monitoring  or  “data-recovery”  device  in  a 
suspect’s  computer.  The  Justice 
Department  also  wants  the  authority  to 
compel  any  entity  storing  copies  of 
encryption  keys  to  disclose  stored  decryp¬ 
tion  keys. 

A  copy  of  the  Cyberspace  Electronic 
Security  Act  of  1999  is  posted  on  the  Web 
site  of  the  Center  for  Democracy  and 
Technology  (www.cdt.org),  a  Washington, 
D.C.-based  civil  liberties  group  that  strong¬ 
ly  criticizes  the  proposed  law. 

Are  SBC  merger  conditions  fishy? 

Congress  has  begun  an  inquiry  into 
exactly  how  SBC  Communications  came 
into  a  deal  with  the  staff  of  the  Federal 
Communications  Commission  for  “condi¬ 
tions”  to  its  proposed  merger  with  Ameri- 
tech.  SBC  and  the  FCC  touted  the  condi¬ 
tions  as  forcing  SBC  to  open  its  local  mar¬ 
kets  while  competing  against  other  Bells. 
But  questions  have  been  raised  about 
the  fact  that  the  loophole-ridden,  1 18- 
page  fine-print  document  wasn’t  made 
public  right  away. 

House  Commerce  Committee  Chairman 
Thomas  Bliley  (R-Va.)  wrote  to  FCC  Chair¬ 
man  William  Kennard  last  week  asking 
why  SBC  and  the  FCC  staff  negotiated  the 
conditions  essentially  in  secret.  Kennard 


has  until  Sept.  2  to  respond  to  the  con¬ 
gressional  inquiry. 

The  FCC  has  yet  to  take  a  final  vote  on 
the  merger. 

Microsoft  fixes  e-mail  glitch 

Microsoft  last  week  issued  a  patch  for  a 
vulnerability  discovered  in  its 
instant  messaging  client  that 
could  expose  a  user’s  logon 
and  password.  The  problem 
occurs  when  the  Microsoft 
MSN  Messenger  client  is 
used  to  enter  a  HotMail 
e-mail  account.  If  the  trans¬ 
mission  from  the  MSN 
Messenger  client  to  the  HotMail 
Web  page  is  stopped  as  the  Web 
page  begins  to  load,  the  user’s  logon 
and  password  are  captured  in  clear  text  in 
the  source  code  of  the  page.  The  user  can 
then  view  the  source  code  by  clicking  on 
the  view  tab  in  the  menu  bar  of  either 
Microsoft  Internet  Explorer  or  Netscape 
Navigator. 

Because  MSN  Messenger  and  HotMail 
share  the  same  logon  information,  there  is 
no  way  a  user  can  prevent  the  data  from 
being  passed  in  the  clear.  That  means  if  a 
user  leaves  the  MSN  Messenger  client 
open  on  his  PC,  anyone  with  access  to  the 
computer  could  capture  the  logon  and 
password  data. 

A  patch  will  be  posted  at:  Messenger. 
msn.com 

Another  headache  for  ICANN 

Sen.  Thomas  Bliley  (R.-Va.)  has  ques¬ 
tions  for  the  Internet  Corporation  for 
Assigned  Names  and  Numbers  (ICANN) 

regarding  that 
organization’s  eco¬ 
nomic  woes. 

Last  week,  Bliley 
sent  ICANN’s  be¬ 
leaguered  leader 
Esther  Dyson  a  let¬ 
ter  demanding  that 
she  turn  over  doc¬ 
uments  related  to 
any  contact  ICANN 
staff  has  had 
with  the  White 
House  or  about 
fund-raising.  Bliley 
is  probing  whether 
ICANN  got  any  funding  through  White 
House  efforts,  which  could  stir  up  a  politi¬ 
cal  fight. 

ICANN  has  been  in  touch  with  Tom 
Kalil,  senior  director  of  the  White  House 
Economic  Council,  who  in  June  told 
ICANN  he  would  encourage  private  dona¬ 
tions  to  keep  the  domain  name  organiza¬ 
tion,  estimated  to  be  $800,000  in  debt, 
from  financial  collapse. 


Sen.  Bliley  wants  to 
know  where  ICANN's 
money  comes  from. 


3Com  to  unveil 
mgmt.  software 


BY  JIM  DUFFY 

SANTA  CLARA,  CALIF.  — 
3Com  this  week  will  take  the 
wraps  off  a  significant 
upgrade  to  its  traffic  manage¬ 
ment  software  that  will 
enable  users  to  proactively 
avoid  network  problems. 

3Com  will  unveil  Tran¬ 
scend  Traffix  Manager  3.0, 
software  that  for  the  first  time 
alerts  network  managers  to 
potential  problems  by  log¬ 
ging  events  based  on  prede¬ 
fined  rules  or  thresholds. 


figuration  Protocol  (DHCP)- 
assigned  IP  addresses;  and 
Domain  Name  System  (DNS) 
aggregation  for  increased 
scalability. 

Runs  on  NT,  Unix 

Traffix  Manager  3-0  runs 
on  Windows  NT  servers,  and 
NT  and  Unix  clients.  It  gath¬ 
ers  traffic  statistics  and  diag¬ 
nostic  data  from  Remote 
Monitoring  and  RMON2 
agents  and  probes,  and  com¬ 
piles  the  data  into  textual  and 
graphical  information  on  net- 


Traffix  Manager  3.0  highlights 

•  Intelligent  network  data  analysis  delivers  constant  information  on  network 
performance. 

•  Event  Manager  provides  proactive  notification  on  network  events. 

•  Client/server  architecture  allows  for  multiuser  operation. 

•  DHCP  recognition  tracks  mobile  users. 

•  Automatic  DNS  aggregation  increases  scalability. 


Previous  versions  of  Traffix 
Manager  merely  kept  track  of 
traffic  patterns  and  required 
network  managers  to  spot 
anomalies  in  network  behav¬ 
ior  before  they  could  take 
action. 

Catching  on 

Oklahoma  State  University, 
for  example,  used  the  Version 
3.0  beta  to  define  a  rule 
whereby  any  traffic  destined 
for  the  Internet  that  con¬ 
sumes  10%  of  the  network 
bandwidth  triggers  an  event. 

“We’ve  actually  managed  to 
catch  some  students  doing 
things  that  they  shouldn’t  be 
doing  or  setting  up  servers  in 
the  dorms,”  says  Michael 
White,  network  analyst  at 
Oklahoma  State  University  in 
Stillwater.  “I’ve  actually 
caught  two  that  I  wouldn’t 
have  caught”  if  not  for  the 
new  features  in  the  Version 
3.0  beta. 

Traffix  Manager  3-0  is  also 
the  first  version  of  the  soft¬ 
ware  to  be  based  on  a  client/ 
server  architecture.  Other  im¬ 
portant  new  features  include 
enhanced  ease  of  use;  sup¬ 
port  for  Dynamic  Host  Con- 


work  traffic  patterns  and 
behavior. 

Network  managers  can  use 
this  information  to  establish 
the  baseline  performance  of 
their  network,  design  or  con¬ 
figure  the  network,  and  plan 
for  expansion  or  contraction. 

The  software  includes  an 
event  manager  that  gathers 
cryptic  data  from  the  agents 
and  probes  and  presents 
the  data  as  legible  informa¬ 
tion.  The  event  manager 
also  pinpoints  potential  prob¬ 
lems  using  color-coded  mes¬ 
sages  that  indicate  event 
severity.  The  event  manager 
is  tipped  off  to  the  severity 
of  an  event  by  predefined 
rules,  thresholds  or  policies 
established  by  the  network 
manager. 

Users  can  group  or  filter 
events  based  on  severity,  time 
of  day,  date,  source  and 
description. 

Traffix  Manager  3-0  is  also 
based  on  a  client/server  archi¬ 
tecture  that  lets  multiple 
users  simultaneously  access 
the  system.  Previously,  only 
one  Traffix  Manager  user 
could  use  the  software  at  a 
See  3Com,  page  77 
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The  Compaq  Proliant  8000  and  8500  servers  have  redefined 
industry-standard  technology,  yet  again.  With  its  revolutionary 
new  8-way  scalable  architecture,  Compaq  brings  enterprise 
customers  a  new  generation  of  powerful  ProLiant  servers. 
They  deliver  breakthrough  scalability,  higher  levels  of 
reliability  and  unbeatable  price  performance  for  NonStop®  e-Business  Solutions. 
They’re  backed  with  business-critical  Compaq  services,  tailored  to  your  needs.  And, 
since  Compaq  co-developed  the  crucial  ProFusion®  8-way  architecture  with  Intel®  no  one 
knows  it  better.  For  all  the  powerful  advantages  of  the  8-way  revolution — break¬ 
through  performance,  scalability  and  reliability — there’s  just  one  road  to  take. 
Details?  Visit  www.compaq.com/8-way,  or  call  1-800-AT-COMPAQ. 
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COMPAQ.  Better  answers.*’ 


SecureLogix,  HP  unveil  new  tools  to  protect  the  net 


BY  ELLEN  MESSMER 

Start-up  SecureLogix  Corp. 
is  developing  what  it  calls  a 
“firewall  for  phone  lines”  that 
can  monitor  traffic  through  a 
private-branch  exchange  and 
prevent  unauthorized  use, 
such  as  using  a  voice  line  for 
fax  purposes. 

The  product,  called  Tele- 
Wall,  logs  all  calls  and  can 
determine  the  specific  call 
type,  something  that  tradition¬ 
al  PBXs  cannot  do.  Scheduled 
to  ship  by  year-end,  Tele  Wall 
will  block  unauthorized  usage 
and  alert  network  managers, 
who  can  set  limits  on  the 
source,  destination,  time  and 
duration  of  calls. 

“You  can  implement  an 
enforcement  capability,”  says 
SecureLogix  President  Lee 
Sutterfield,  one  of  the  four 
founders  of  the  San  Antonio, 
Texas,  company.  Co-founders 
include  Rick  Jordan,  chief  finan¬ 
cial  officer,  Todd  Beebe,  chief 
information  officer  and  Craig 
Heilman,  chief  operating  offi¬ 
cer.  Sutterfield  and  Jordan 
enjoy  ed  success  as  the  founders 
of  security'  firm  WheelGroup, 
which  built  the  intrusion-detec¬ 
tion  product  NetRanger. 

Cisco  bought  WheelGroup 
about  a  year  ago  for  $124 
million  and  is  incorporating 
intrusion-detection  capabilities 
into  its  routers  and  switches. 

TeleWall  is  also  expected  to 
provide  log  reports  that  will 
help  companies  reconcile  their 
phone  use  with  phone  billing 
statements. 

Bob  Gabriel,  senior  tele- 
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communications  engineer  at 
Cornell  University,  says  Tele- 
Wall  will  be  handy  in  managing 
PBX  usage. 

Gabriel  points  out  that, 
while  PBXs  cannot  monitor  for 
content,  they  can  block  access 
to  specific  phone  numbers. 
Some  universities,  for  example, 
use  that  feature  to  block  access 
to  adult  chat  lines,  but  Cornell 
does  not  impose  any  line 
restrictions. 

SecureLogix  has  yet  to  an¬ 
nounce  a  price  for  TeleWall, 
which  is  the  company’s  second 
product. 

The  first  is  a  scanner  called 
TeleSweep  Secure  that  locates 
unauthorized  modems  or 
unaccounted-for  phone  lines 
within  a  large  enterprise. 

TeleSweep,  which  shipped 
last  week,  is  an  $18,000  sec¬ 
urity  tool  that  comes  bundled 
as  a  rack-mountable  PC  loaded 
with  a  remote-dialer  applica¬ 
tion  and  four  modems.  In  the 
phone  room  of  a  corporate 
office,  it  can  conduct  a  security 
configuration  audit  of  remote 
access  servers  and  sweep 
phone  numbers  on  a  regular 
basis  to  see  whether  lines  are 
being  used  for  phone,  fax  or 


data.  The  tool  can  spot  unac¬ 
counted-for  lines  that  were  pre¬ 
sumed  to  be  inactive. 

In  security  circles,  it’s  well- 
known  that  the  existence  of 
unauthorized  modems,  in  par¬ 
ticular,  often  provides  an  entry 
point  for  hackers. 

The  TeleSweep  dialer  sends 


the  results  of  its  investigation 
encrypted  over  the  Internet  to 
a  central  console,  which  can 
compile  reports  from  multiple 
TeleSweep  dialers. 

HP's  NT  tool 

Even  as  start-ups  are  widen¬ 
ing  the  security-tools  market, 


the  computer  industry’s  estab¬ 
lished  giants  are  also  eyeing 
this  terrain.  And  sometimes 
they  buy  security  start-ups  to 
get  a  foothold. 

Such  is  the  case  with 
Hewlett-Packard’s  network  sys¬ 
tems  test  division,  which  this 
week  will  announce  its  first 


security  product:  a  systems 
scanner  called  SFProtect. 

HP  didn’t  develop  SFProtect 
in-house.  Earlier  this  month, 
for  an  undisclosed  price,  HP 
bought  security  start-up  Secu¬ 
rity  Force  Software,  which 
was  developing  the  system- 
security  scanner. 


The  product  runs  on  a  PC 
and  looks  for  holes  in  Windows 
NT  4.0,  Microsoft’s  Internet 
Information  Server  and  SQL 
Server  6.5  through  host-based 
agents  that  can  be  remotely 
managed.  SFProtect  performs 
myriad  tasks,  including  ensur¬ 
ing  that  passwords  meet  policy 
guidelines  and  reporting  failed 
logons  after  business  hours. 

“It  audits  the  system’s  sec¬ 
urity  by  comparing  the  config¬ 
uration  against  the  policy  put 
forward  by  the  systems  admin¬ 
istrator,”  says  Joe  Koon,  the 
security  business  team  man¬ 
ager  in  HP’s  network  systems 
test  division. 

SFProtect  will  cost  $995  per 
server  when  it  ships  this  week. 
Koon  says  HP  will  be  marketing 
several  other  security  tools 
along  these  lines  in  the  next 
few  months. 

It’s  easy  to  see  why  HP  is 
eager  to  jump  into  the  security 
business.  According  to  a  report 
released  this  month  by  Inter¬ 
national  Data  Corp.,  the  intru¬ 
sion-detection  market,  which 
includes  systems  scanning, 
should  grow  from  about 
$136.5  million  in  1998  to 
$977.9  million  by  2003-  3 


TeleWall:  A  'firewall'  for  your  PBX 

SecureLogix's  TeleWall  device  logs  all  phone 
calls  and  can  be  programmed  to  prevent 
unauthorized  fax  or  modem  use. 
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OS/390  s  next  rev  supports  SLA,  clustering  enhancements 


Mainframe  operating  system  boosted  for  more  electronic  commerce  and  VPN  operations. 


What's  new  in  OS/390  V2R8 

•  VIPA  takeover  support  for  mainframe  clusters. 

•  Secure  Sockets  Layer  (SSL)  encryption  for 
tn3270  sessions. 

•  Triple  DES  encryption  support  for  SNA  users. 

•  Internet  Printing  Protocol  (IPP)  support  so 
mainframe  users  can  process  print  jobs  over 
the  Internet. 

•  Mapping  of  RACF  user  IDs  to  digital 
certificates. 

•  Service-level  agreement  policy  enforcement. 


BY  MARC  SONGINI 

CHICAGO  —  IBM  this  week 
will  announce  the  next  release 
of  its  mainframe  operating  sys¬ 
tem,  OS/390  Version  2  Release 
2.8,  which  will  beef  up  SLA 
enforcement,  security  and  host 
availability,  among  other  things. 

The  company  is  expected  to 
make  the  announcement  at  its 
SHARE  technical  user  confer¬ 
ence  this  week  in  Chicago. 
Many  of  the  enhancements  are 
in  OS/390’s  SecureWay  Com¬ 
munications  Server  compo¬ 
nent,  which  handles  SNA  and 
IP  traffic  between  the  main¬ 
frame  and  the  network. 

SecureWay  Communications 
Server  V2  R2.8  will  now  sup¬ 
port  a  tool  that  will  monitor 
and  help  enforce  service-level 
agreements,  says  Mac  Devine, 
an  IBM  product  manager.  For 


example,  if  a  priority  applica¬ 
tion  was  being  denied  the 
bandwidth  called  for  by  an  SLA, 
the  performance  monitor 
would  alert  IS  staff  that  the  SLA 
had  been  breached.The  system 
administrator  could  then  make 
adjustments  by  choking  off 
bandwidth  for  another  applica¬ 
tion  and  assigning  it  to  the  pri¬ 
ority  application,  Devine  says. 

It  is  likely  that  sometime  in 
the  future  the  monitoring  and 
adjustment  process  will  be 
automated. 

IBM  has  also  added  support 
for  Virtual  IP  Addressing  (VIPA) 
takeover  in  a  parallel  sysplex, 
which  is  a  cluster  of  two  or 
more  IBM  S/390  mainframes, 
Devine  says.  With  VIPA,  an  IP 
address  can  be  assigned  to  a 
specific  application  on  a  main¬ 
frame.  Should  that  application 
go  down,  VIPA  would  automati¬ 


cally  reassign  users  to 
another  processor 
running  the  same 
application. 

VIPA  information  is 
passed  on  to  the  rout¬ 
ing  tables  in  the  net¬ 
work,  the  session  is 
automatically  rerouted 
to  the  backup  ap¬ 
plication  and  the 
client  is  reset,  prevent¬ 
ing  the  session  from 
crashing.  A  single 
mainframe  can  use  up 
to  64  VIPA  addresses 
for  a  given  application. 

SecureWay  Communications 
Server  also  gains  support  for 
Internet  Key  Exchange  0KE), 
Devine  says.  IKE  is  an  industry- 
standard  technology  that  per¬ 
mits  the  automatic  dynamic 
assignment  of  IP  Security  en¬ 
cryption  keys  as  they  become 


available  to  end  users  to  estab¬ 
lish  virtual  private  network  ses¬ 
sions.  Previously',  the  keys  had 
to  be  assigned  manually. 

OS/390  2.8  will  be  available 
in  September.  All  existing 
Version  2  users  may  get  Version 
2.8  for  no  additional  charge.  3 
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It’s  hard  to  forecast  changes  to  the  LAN 


But  it’s  easy  to  prepare  for  them. 
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In  today’s  changing  business  climate, 
Local  Area  Networks  face  new  and 
unexpected  demands.  That’s  why 
3Com®  Enterprise  LAN  Solutions  offer 
the  scalability  and  flexibility  to  adapt 
to  those  demands  so  you  can  achieve 
greater  performance  and  value  from 
your  network. 

3Com  CoreBuilder®  and  SuperStack®  II 
switches,  combined  with  our  Transcend® 
network  management  and  world-class 
service,  deliver  the  highest  level  of 
network  availability.  And  end-to-end 
policy  management  simplifies  network 
administration,  enabling  you  to  support 
converged  network  services. 

To  obtain  an  updated  forecast  for 
your  network— and  our  free  book  on 
how  3Com  Enterprise  LAN  Solutions 
will  meet  your  needs  — visit  us  at 
www.3com.com/lan_leadership. 


3Com®  LAN  Solutions 


3Com’s  10/100,  Gigabit  Ethernet,  Layer  3  and 
ATM  solutions  ensure  maximum  capacity 
and  control  without  compromise. 
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More  connected. 


Vendors  rolling  out  more  muscular  servers 

Eight-processor  servers  up  performance  and  resource  utilization,  but  some  question  the  need. 


BY  DENI  CONNOR 

A  long-delayed  second  crop 
of  eight-processor  Pentium  III 
Xeon  servers  will  start  ship¬ 
ping  today,  which  should 
please  customers  whose  needs 
have  bypassed  the  existing 
four-processor  models. 

These  servers  use  the  faster 
and  more  powerful  Intel  Pro¬ 
fusion  chipset.  They  follow 
eight-processor  models  from 
vendors  such  as  NEC  and 
Hitachi  Data  Systems  that 
were  available  earlier  because 
the  servers  use  proprietary 
chipsets  or  Profusion  chipsets 
developed  under  separate 
licenses  from  Intel. 

The  second  batch  of 
servers,  from  Compaq,  Data 
General,  Hewlett-Packard  and 
Dell,  had  been  waiting  for  Intel 
to  provide  Profusion  chipsets 
sufficient  in  quantity.  These 
chipsets  speed  processing  by 
allowing  eight  processors 
within  a  server. 

While  the  Profusion-based 


The  Dell  PowerEdge  8450  is 
expected  to  ship  next  month. 


servers  have  minor  feature 
differences,  vendors  say 
the  primary  benefits  are 
across-the-board  perfor¬ 
mance  and  resource-usage 
improvements. 

Compaq  is  one  of  the 
first  vendors  to  release  per¬ 
formance  benchmarks  for  its 
eight-way  ProLiant  8000. 
The  8000  performed  at 
over  40,000  transactions 
per  minute  in  testing  by 
the  Transaction  Processing 
Council. 

James  Hammon  of  Illinois 
Power  in  Decatur,  is  pleased  by 
the  performance  increase  he 
sees  with  his  ProLiant  8000. 

“With  the  four- way,  we 
could  simulate  7,000  alarms 
per  minute  with  100%  CPU 
utilization,”  says  Hammon,  an 


IS  analyst. “The  eight-way  gives 
us  15,000  alarms  per  minute 
with  less  than  50%  utilization. 

“We  need  the  headroom 
the  eight-way  gives  us  for 
energy  spikes  caused  by 
unexpected  weather  condi¬ 
tions,”  Hammon  adds. 

James  Gruener,  an  analyst 
with  Aberdeen  Group  in  Bos¬ 
ton,  questions  the  value  of  the 
performance  gains  in  eight¬ 
way  servers.  He  says  that 
while  the  eight-way  servers 
will  give  a  power  boost  to 
database  or  enterprise 
resource  planning  applica¬ 
tions  and  machines  that  run 


multiple  applica¬ 
tions,  the  real  benefit 
will  come  with  the 
introduction  of 
Windows  2000. 

Until  then,  Gruener 
says  in  most  cases 
putting  eight  proces¬ 
sors  to  work  attack¬ 
ing  a  performance 
issue  is  overkill. 
“Once  Windows  2000 
comes  out,  these  sys¬ 
tems  are  going  to  per¬ 
form  a  hell  of  a  lot 
better,”  he  says. 

At  least  one  other 
user  anticipates  the 


Data  General 
AV8900  is  due 
mid-September. 


same  results.  Steve 
Wolfcale,  director 
of  network  opera¬ 
tions  at  Skil  Bosch 
Power  Tool  in 
Chicago,  has  600 
users  running  on  an 
HP  LXR8500  with 
Windows  NT  4.0 
and  Microsoft 
Exchange  Server. 
He  has  plans  to 
migrate  another 
250  users  to  the 
platform,  as  well  as 
add  virus-scanning 
and  desktop-trou¬ 
bleshooting  soft¬ 


ware  to  the  server,  so  Wolf¬ 
cale  is  always  looking  for 
problems. 

“Windows  2000  is  going  to 
be  more  resource-intensive, 
and  Microsoft  Exchange  is  a 
classic  resource  hog,”  he  says. 
“I  expect  enhancements  to 
Microsoft  products  will  con¬ 
tinue  to  eat  up  resources.” 

Compaq  will  ship  two 
servers  today:  the  21-drive 
ProLiant  8000  and  the  four- 
drive  Proliant  8500.  The  Dell 
PowerEdge  8450  will  ship  by 
the  end  of  September.  Data 
General’s  Windows  NT-only 
AV  8900  server  and  HP’s  LXr 
8500  will  ship  in  mid- 
September.  The  Compaq,  Dell 
and  HP  servers  operate  in 
Windows  NT,  Unix,  Linux  and 
NetWare  environments.These 
servers  range  in  price  from 

$20,000  to  $90,000.  a 


Microsoft  ups  SMP  support  to  meet  user  demand 


BY  JOHN  FONTANA 

Customer  feedback  paid  off 
last  week  when  Microsoft  re¬ 
structured  its  base  license  on 
symmetric  multiprocessing 
(SMP)  in  Windows  2000  in 
order  to  deliver  better  perfor¬ 
mance  at  a  lower  price. 

The  new  licensing  means  IT 
executives  won’t  have  to  pay 
extra  to  run  their  Windows 
2000  server  software  on  high- 
performance  SMP  boxes,  espe¬ 
cially  the  eight-way  servers 
being  introduced  by  many  hard¬ 
ware  vendors  (see  story,  above). 
Those  executives  also  will  see 
performance  gains  using  the 
eight-way  architecture  as 
opposed  to  the  four-way  model. 

Microsoft’s  Windows  2000 
documentation  recommends 
eight  or  more  processors  for 
optimal  performance  and  scala¬ 
bility,  yet  the  company  only 
supports  four-way  deploy¬ 
ments  with  the  base  license  for 
the  Advanced  Server  edition  of 
the  operating  system. 

That  left  IT  executives  with 
the  choice  of  buying  an  addi¬ 
tional  license  for  the  other  four 
processors  or  stepping  up  to 
the  DataCenter  version  of  the 
operating  system,  which  is 
overkill  with  16-way  SMP  While 
pricing  has  yet  to  be  an¬ 
nounced  for  Windows  2000, 
due  to  ship  by  year-end,  the  bot¬ 
tom  line  for  IT  was  extra  cost. 

“It’s  a  home  run  if  they  bring 
out  Advanced  Server  with  clus¬ 


tering,  load  balancing  and  eight¬ 
way  support,”  says  Kevin 
Beattie,  director  of  corporate 
information  systems  for 
Nordson  Corp.,  which  devel¬ 
ops  systems  for  applying  adhe¬ 
sives,  sealants  and  coatings. 
Beattie  says  his  licensing  costs 
will  increase  nearly  400%  when 
he  moves  from  NT  4.0  Standard 
Edition  with  its  four-way  SMP 
to  NT  4.0  Enterprise  Edition 


tion  server.  Many  large  enter¬ 
prise  applications  today  typical¬ 
ly  run  on  eight-way  Unix  boxes. 

“Microsoft  decided  not  to 
get  caught  up  in  the  old  IBM 
disease,  which  was  to  charge 
for  everything,”  says  Rob 
Enderle,  an  analyst  with  Giga 
Information  Group  in  Santa 
Clara,  Calif. 

The  increase  in  processors, 
however,  does  not  produce 


load  balancing,  as  part  of  its 
scalability  story.  Besides  the 
improvements  in  Advanced 
Server,  the  Server  edition  of 
Windows  2000  now  supports 
four-way  SMP,  up  from  two, 
and  the  DataCenter  version 
also  doubled  in  capacity  to  32- 
way  SMP. 

“Customers  were  asking  for 
Advanced  Server  to  run  on 
eight-way  systems,”  says  Keith 
White,  director  of  marketing  for 
the  business  and  enterprise 
group  at  Microsoft.  “We  want  to 
make  sure  Windows  2000  will 


Processing  power 

Microsoft  has  doubled  the  base-level  SMP  support  in  each  of  the  three  versions  of  the  Windows 
2000  server  and  in  the  desktop  version  of  the  operating  system. 

Windows  2000  version 

Base  SMP  support 

Deployments 

Professional 

Two-way 

Laptop,  desktop 

Server 

Two-way 

Small  business,  print/file  services 

Advanced  Server 

Eight-way 

Databases,  applications 

DataCenter 

32-way 

Online  Transaction  Processing,  data  warehousing 

with  eight-way  SMP  That  was 
a  major  reason  customers 
demanded  Microsoft  provide 
eight-way  support  out  of  the 
gate,  company  officials  say. 

Microsoft  responded  by  dou¬ 
bling  SMP  capabilities  for  each 
of  its  three  Windows  2000  serv¬ 
er  editions  —  Server,  Advanced 
Server  and  DataCenter  —  and 
in  the  desktop  version  of  the 
operating  system,  Professional. 
Key,  however,  is  eight-way  SMP 
support  in  Advanced  Server, 
which  is  likely  to  be  deployed 
in  the  enterprise  as  an  applica- 


fixed  incremental  gains  in  scala¬ 
bility  because  of  the  way  the 
processors  interoperate.  Per¬ 
formance  will  depend  on  hard¬ 
ware  as  much  as  software.  With 
SMP  multiple  processors  reside 
in  a  single  box  and  share  the 
same  memory. 

“I’m  cautious  because  Micro¬ 
soft  users  say  beyond  four 
processors  they  don’t  see  much 
improvement,”  says  Jon  Oltsik, 
an  analyst  with  Common  Sense 
Advisory  in  Chelmsford,  Mass. 

But  Microsoft  is  pursuing 
SMP,  as  well  as  clustering  and 


be  the  server  software  for  those 
systems.  We  want  Advanced 
Server  to  meet  the  needs  of 
line-of-business  and  electronic 
commerce  applications.” 

The  SMP  licensing  changes 
will  not  affect  the  release  of 
Windows  2000.  Currently,  the 
software  is  in  beta  testing. 
Microsoft  shipped  a  Release 
Candidate  on  July  1,  and 
Release  Candidate  software  is 
assumed  to  be  close  to  final 
code.  A  second  Release 
Candidate  is  expected  by  the 
end  of  this  month,  lal 
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Lucent  steps  up  Pipeline  remote  access  line 


BY  DAVID  ROHDE 

MURRAY  HILL,  N.J.  — 
Lucent  this  week  is  set  to 
expand  the  Pipeline  remote 
access  concentrator  and  router 
line  that  it  obtained  as  part  of 
its  recent  purchase  of  Ascend 
Communications. 

The  company’s  two  new 
products,  the  SuperPipe  95  and 
SuperPipe  155,  are  multiservice 
access  devices  intended  for 
telecommuters  and  remote 
branch  offices,  respectively. 
Both  devices  have  analog  as 
well  as  ISDN  ports,  meaning 
users  can  maintain  access  to 
corporate  nets  or  the  Internet 
while  routing  voice  calls  over 
public  switched  telephone  net¬ 
work  lines,  if  necessary. 

Steve  Reustle,  managing  di¬ 
rector  of  product  management 
for  the  Pipeline  family,  says  the 
boxes  will  go  up  against  Cisco’s 


1600  and  1720  remote  access 
routers  and  3Com’s  NetBuilder 
II.  Analysts  say  the  Lucent  prod¬ 
ucts  offer  few  new  features  vs. 
competitors’  boxes  but  that 
they  bundle  in  security  and 
other  features  under  one  price. 

One  current  Pipeline  model, 
the  Pipeline  75,  already  pro¬ 
vides  voice  and  data  connectiv¬ 
ity.  But  the  new  boxes  have  a 
much  faster  processor,  the  Mo¬ 
torola  860,  which  provides  66 
MIPS  of  processing  power  vs. 
4.5  MIPS  on  the  Pipeline  75. 

That  means  the  new  devices 
can  support  interfaces  to  100M 
bit/sec  Fast  Ethernet  and  stan¬ 
dard  10M  bit/sec  shared  Ether¬ 
net.  Plus,  the  larger  of  the  new 
boxes,  the  SuperPipe  155,  sup¬ 
ports  aT-1  or  fractional  T-l  WAN 
interface  that  may  be  needed  by 
corporate  branch  offices.  The 
SuperPipe  155  can  then  use  T-l 
access  to  the  corporate  net 


with  the  dual  ISDN  interfaces 
used  for  overflow.  Reustle  sug¬ 
gests  that  some  users  may 
choose  the  dual  ISDN  Basic 
Rate  Interfaces  as  a  cost-effec¬ 
tive  WAN  alternative  to  the 


nearly  equivalent  bandwidth  of 
256K  bit/sec  frame  relay. 

Lucent  also  expects  the 
boxes  to  be  picked  up  as  an 
enhanced  product  offering  by 
ISPs  looking  to  offer  managed 


services,  including  IP  virtual  pri¬ 
vate  nets.  ISPs  already  make  up 
a  large  portion  of  Ascend’s 
installed  base. 

Routing  support  in  the  new 
boxes  includes  IP,  IPX  and 
AppleTalk.  That  support  comes 
as  a  separate  feature  pack  for 
an  extra  cost  in  the  Cisco  prod¬ 
ucts.  Firewalls  and  IP  Security- 
based  encryption  also  come 
standard  on  the  Lucent  boxes. 

John  Armstrong,  chief  net¬ 
working  analyst  at  Dataquest, 
says  the  SuperPipe  95  may  be 
too  expensive  at  $  1 ,295.  But  the 
SuperPipe  155  may  work  well 
for  branch  offices  at  $1,795,  es¬ 
pecially  because  Lucent  isn’t 
charging  extra  for  security  fea¬ 
tures.  He  adds  that  the  real 
potential  for  voice/data  multi¬ 
service  access  routers  won’t  be 
met  until  vendors  add  digital 
subscriber  line  and  cable  mo¬ 
dem  support  for  those  markets. 

The  Lucent  products  are 
available  now. 

Lucent:  www.lucent.com/ 
dns/products/pipeline.html 


Bolstering  remote  access 

Lucent's  two  new  multiservice  remote  access  boxes  are 
optimized  for  different  situations: 


SuperPipe  95 

SuperPipe  155 

Best  used  by 

Small  offices/home  offices 

Remote  branch  offices 

Key  features 

•  Two  ISDN  BRIs 

•  All  of  the  SuperPipe  95 

•  Autosensing  10/100M  bit/sec 

features 

Base-T  Ethernet  interface 

•  Unchannelized  T-1  or 

•  One  ISDN  BRI  interface 
to  the  desktop  for  digital 
phone  or  video 

•  SecureConnect  Firewall 
with  40-bit  IPSec  DES 

fractional  T-1  interface 

encryption 

Price 

$1,295 

$1,795 

II  s  not  ju  »t  about 


having  unsurpassed 


levels  of 


mmmm 


■  ‘  aPwta 


IP  security. 


Whether  it's  with  your  colleagues  down  the  hall  or  those  around  the  globe,  sharing  mission-critical  data  securely  is  imperative. 
As  an  industry  leader  in  IP  Security,  Sprint  offers  end-to-end  solutions  that  significantly  reduce  the  risk  of  external  Internet  breaches  as 
well  as  internal  network  breaches.  In  addition,  Sprint  offers  unsurpassed  levels  of  managed  security,  100%  managed  firewall  sevice 


12  Network  World  August  23,  1  999  www.nwfusion.com 


h 


News 


Tailored  phone  services  on  tap  from  BroadSoft 


BY  TIM  GREENE 

GAITHERSBURG,  MD.  — 
Start-up  BroadSoft  is  writing 
software  that  will  let  carriers 
offer  tailored  phone  services  to 
fit  specific  customer  needs. 

Backed  by  $5  million  in  ven¬ 
ture  capital,  BroadSoft’s  Broad- 
Works  platform  will  create  ser¬ 
vices  by  tapping  multiple 
devices  in  carrier  networks. 

The  platform  is  flexible 
enough  to  someday  allow  cus¬ 
tomers  to  fine-tune  their  own 
services,  according  to  Michael 
Tessler,  BroadSoft’s  president 
and  CEO.  For  example,  a  cus¬ 
tomer  might  use  a  Web  inter¬ 
face  to  choose  a  service  option 
that  forbids  international  phone 
calls  at  certain  times  of  the  day 
or  blocks  900-number  calls. 

BroadWorks  functions  simi¬ 
larly  to  the  way  service  soft¬ 
ware  works  in  traditional 


carrier  networks.  However, 
interactions  among  devices  in 
traditional  carrier  networks  are 
proprietary,  so  adding  new  ser¬ 
vices  or  making  changes  is 
expensive  and  time  consuming. 

BroadWorks,  on  the  other 
hand,  will  work  with  gear 
from  multiple  vendors.  It  will 
talk  to  other  devices  using 
standard  protocols,  such  as 
Session  Interface  Protocol; 
Media  Gateway  Control 
Protocol  for  controlling  voice- 
over-IP  calls;  and  H.323  for 
performing  call  signaling  and 
converting  packets  to  voice. 

As  long  as  other  vendors’ 
equipment  meets  the  stan¬ 
dards,  BroadWorks  can  talk  to  it. 

Interoperability  will  be  im¬ 
portant  to  new  carriers  that 
want  to  offer  multiple  services 
and  access  technologies  such 
as  cable,  digital  subscriber  line, 
digital  wireless  and  cellular.  A 


carrier  could  use  BroadWorks 
to  create  services  on  any  of 
those  networks,  eliminating  the 
need  for  multiple  separate  soft¬ 


ware  platforms. 

The  software  is  designed  to 
create  services  one  feature  at  a 
time  by  breaking  the  services 


Build  your  own  phone  service 

BroadSoft's  BroadWorks  software  on  a  Sun  workstation  supports 
complex  phone  services  that  users  can  customize. 


©  Customer  places  a  phone  call  from  a  packet  network. 


©  A  barring  service  determines 
whether  the  caller  is  authorized 
to  place  this  type  of  call. 


BroadWorks  telephone 
service  creation  software 


Barring 

service 


PIN 

service 


Notifi¬ 

cation 

service 


Basic 

service 


PSTN 


©  PIN  service  determines  ©  A  notification  service 


whether  the  number 
called  requires  a  personal 
identification  number. 

If  so,  the  service  validates 
or  rejects  the  PIN. 


checks  whether  an 
e-mail  should  be  sent 
to  an  administrator 
noting  the  call  has 
been  made. 


©  The  call  is 
processed  and 
completed. 


into  call  application  modules. 
One  module  might  reject  all 
calls  from  unknown  parties, 
while  another  might  route  calls 
depending  on  time  of  day. 

Services  are  created  by 
grouping  a  set  of  call  applica¬ 
tions  that  define  a  service. 
Alternately,  new  services  can 
be  created  by  modifying  exist¬ 
ing  modules  —  a  much  simpler 
task  than  writing  a  new  appli¬ 
cation  from  scratch,  as  is  done 
with  the  traditional  public 
voice  network. 

BroadWorks  also  has  inter¬ 
face  modules,  which  allow  the 
software  to  communicate  with 
devices  controlling  certain 
aspects  of  a  carrier  network. 
For  example,  the  interfaces 
might  connect  with  devices 
that  control  e-mail,  the  phone 
network  or  a  voice  mailbox. 

BroadSoft  plans  to  start  beta¬ 
testing  by  year-end  and  make 
BroadWorks  generally  available 
in  the  first  quarter  of  2000. 

BroadSoft:  www.broadsoft. 
com 


performance  guarantees  and  dedicated  security  support,  24  hours  a  day,  7  days  a  week. 
Because  at  Sprint  it's  not  just  about  building  secure  networks.  It's  about  letting  you  build 
secure  relationships.  Isn't  that  the  point  of  contact?  1 -888-730-DATA  www.sprint.com/data 


Sprint 


The  point  of  contact" 
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Oracle's  data  appliance  scores  with  testers 


BY  JOHN  COX 

Oracle’s  “database  appliance”  is  win¬ 
ning  praise  from  software  vendors  that 


have  been  testing  their  applications 
with  the  upcoming  product. 

Databases  are  notoriously  complex: 
The  bigger  they  grow,  the  more  com¬ 


plex  they  become.  Last  year,  in  his  typ¬ 
ically  flamboyant  style,  Oracle  Chair¬ 
man  Larry  Ellison  trumpeted  the  idea 
of  installing  a  pretuned,  almost  auto- 
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ACROSS  A  Pi  1C  NETWORK, 
SHOULDN'T  YOU  LAVE 
r.  A  SAFETY  NI  T 


RACAL'S  DATACRYPTOR"'  2000 

There  are  many  good  reasons  to  migrate 
from  leased  lines  to  Frame  Relay,  but 
protecting  your  data  is  not  one  of  them. 
With  the  incidence  of  hacking,  data  theft, 
and  industrial  espionage  on  the  rise,  now 
more  than  ever,  your  business  needs  the 
DATACRYPTOR  2000. 

Racal's  DATACRYPTOR  2000  family  of  link 
and  frame  relay  encryptors  are  designed  to 
protect  your  valued  data  by  authenticating 
your  connections  and  encrypting  data  that 
flows  across  your  network. 

The  versatile  DATACRYPTOR  2000  protects 
your  business  using  X.509  certificates  to 
authenticate  each  connection  and  triple-DES 
to  encrypt  data.  Automatic  key  exchanges 
take  place  using  Diffie-Hellman  Public  Key 
negotiation  as  frequently  as  you  wish.  The 
DATACRYPTOR  2000  offers  soft-loadable, 
digitally  signed  algorithms  to  protect 
your  investment  today  and  for  the  future. 
From  a  single,  central  point  of  control, 
the  DATACRYPTOR  2000  can  be  installed, 
configured  and  managed  using  SNMP  and 
Racal's  secure  graphical  Element  Manager. 

When  it  comes  to  providing  your  valuable 
information  safe  and  secure  passage,  look 
to  Racal  to  be  your  safety  net. 

CALL  NOW  FOR  MORE  INFORMATION  ON 
FRAME  RELAY  VULNERABILITY  AND  RECEIVE 
YOUR  FREE  KEY  MANAGEMENT  WHITE  PAPER 
OR  VISIT  US  AT  WWW.RACALITSEC.COM 
1-888-744-4976  OR  1-954-846-4700  EXT.  4492 


Racal  Security  and  Payments 


LINK  TO  A  SECURE  FUTURE 

Racal,  Racal  Security  and  Payments  and  Datacryptor  2000  (DC2K)  are  trademarks  of  Racal  Electronics  Pic.  ©1999  All  rights  reserved.  7/99 
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Free  Product  info  enter  NWInfoXpress  #55  online  @  www.networkworld.com/infoxpress 
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mated  version  of  the  Oracle8i  data¬ 
base  on  a  separate  server  running  a 
stripped-down  version  of  Sun’s  Solaris 
operating  system.  The  project’s  code 
name  was  Raw  Iron. 

The  result,  he  predicted,  would  be  a 
product  that  would  work  like  a  refrig¬ 
erator:  plug  it  in,  turn  it  on,  fill  it  up  and 
it  would  run. 

According  to  a  couple  of  software 
vendors,  that’s  more  or  less  what  hap¬ 
pens  with  Oracle’s  new  product,  called 
Oracle8i  Appliance. 

“We  didn’t  have  to  make  any 
changes  to  our  application,”  says  Greg 
Gianforte,  president  of  Right  Now 
Technologies  in  Bozeman,  Mont.  The 
company  makes  a  self-learning  cus¬ 
tomer  service  application  for  Web  sites 
and  has  been  testing  it  for  the  past  six 
weeks  with  the  Oracle8i  appliance. 

“We  plugged  it  in,  configured  our 
application  as  we  do  with  any  other 
Oracle  database,  and  it  just  worked,” 
Gianforte  says.The  only  difference  is  that 
the  application  now  runs  on  one  com¬ 
puter  and  the  database  runs  on  another. 

Once  pricing  for  the  Oracle  appli¬ 
ance  is  announced,  probably  this  fell, 
customers  will  be  able  to  weigh  the 
costs  of  having  two  machines  against 
the  presumably  lower  support  and 
operational  costs  of  the  appliance. 

Lawson  Software  in  Minneapolis 
had  equally  smooth  sailing  when  test¬ 
ing  its  business-suite  product  on  the 
appliance. 

“Our  applications  worked  just  as 
slick  on  the  appliance  as  on  any  other 
instance  of  Oracle,”  says  Bill  Keatts, 
Lawson’s  vice  president  of  technology 
development.  “It  was  a  nonevent  in 
terms  of  verifying  it  worked  properly.” 

The  critical  issue  is  still  whether  the 
appliance  will  be  easier  to  use  over  the 
long  haul,  especially  as  the  amount  of 
data  and  users  grow. 

Lawson’s  database  administrators 
saw  some  evidence  that  Oracle’s  appli¬ 
ance  would  greatly  simplify  the  array  of 
database  administration  tasks  that  today 
have  to  be  done,  in  a  sense,  by  hand. 

“We  were  able  to  verify  some  of  the 
self-tuning  features,”  Keatts  says.  “It 
seems  like  the  normal  back-end  ser¬ 
vices  of  retuning,  reconfiguring  and 
adding  more  disks  are  largely  handled 
by  the  appliance.” 

Typically,  adding  new  disks  to  store 
more  data  is  a  complex  job.  But  the 
appliance  makes  it  easy,  Keatts  says. 

The  Oracle  appliance  detects  when 
disk  space  is  running  low  and  sends  a 
notice  to  its  management  console. The 
operator  brings  in  a  new  disk  system 
and  connects  it  to  the  appliance.  The 
appliance  is  designed  to  automatically 
configure  itself  and  incorporate  the 
new  disk,  with  little  or  no  operator 
involvement. 

The  Oracle  appliance  will  be  available 
this  fall,  and  will  be  sold  by  Hewlett- 
Packard  Dell,  Seimens  and  Compaq. 

Oracle:  www.oracle.com 
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Our  new  Switch  Wizard”  edition  of 
Enterprise  LANMeter*  solves  the 
mystery  of  seeing  inside  switches. 
In  fact,  it's  the  only  portable 

diagnostic  tool 
that  lets  you  run 
down  trouble¬ 
makers  hiding 
inside  the  black 
holes  of  Ethernet, 
Token  Ring, 
even  FDDI 
environments. 
By  investigating 
the  SNMP 
agents  built 
into  your  switches  it  gives  you 
electronic  surveillance  over  every 
port  in  your  network.  Instantly. 

Touch  your  LANMeter  and  a 
rogues'  gallery  for  network 
problem-solving  pops  up  on 
screen.  Hubs  gone  bad.  Broadcast 
storms.  Activity  loads.  Error  rates. 
Traffic  snarls.  Interface  hang  ups. 
Routers  on  the  fritz.  Whatever 
culprits  are  bugging  you. 

Call  1-888-819-2487  or  visit 
the  web  site  shown  below  and 
find  out  how  the  Fluke  Enterprise 
LANMeter  with  the  SwitchWizard 
option  can  make  you  a  network 
super  sleuth.  Your  reward:  Free 
application  notes  on  troubleshoot¬ 
ing  Cisco  and  Bay  switched 
environments.  Undercover. 


Fluke.  Keeping  your  world 
up  and  running. 


FREE.  Visit 

www.fluke.com/nettools/swizard/ 

today  and  get  the  application 
notes  on  troubleshooting  Cisco8 
Systems  Catalyst"-  5000  and  Bay 
Networks®  BayStack™  28000 
switched  environments. 


©  1998  nuke  Corporation.  U.S.  (800)  44-FLUKE. 

Fax  back  (800)  FLUKE  FAX.  Canada  (800|  36-FLUKE. 

Europe  (31  40)  2  678  200.  Other  countries  (425)  356-5500. 
www.fluke.com/nettools/swizard/  All  nghts  reserved.  Ad  no.  01197 


Seeing  inside  switches 

makes  you  the 
smartest  Private  Eye 

on  the  network. 

Free  Product  info  enter  NWInfoXpress  #65  online  @  www.networkworld.com/infoxpress 
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MCI  WorldCom, 

continued  from  page  1 

ware  version  called  Jade-1  from 
WorldCom ’s  legacy  frame  relay 
switches  —  left  the  company 
doubtful  that  it  could  unify'  its 
legacy  MCI  and  WorldCom 
frame  relay  networks  any  time 
soon. 

The  overall  performance  of 
the  No.  2  long-distance  carrier 
was  “abominable,”  says  Frank 
Dzubeck,  president  of  Com¬ 
munications  Network  Arch¬ 
itects,  a  consulting  firm  in 
Washington,  D.C. 

Nine  days  after  the  network 
crisis  began,  MCI  WorldCom 
shut  down  the  network  over  a 
weekend  to  remove  the  Lucent 
software.  But  that  should  have 
happened  earlier,  Dzubeck 
says:  “They  should  have  shut 
down  and  reloaded  after  the 
first  day.” 

Some  felt  that  MCI  World- 
Corn’s  recent  loss  of  data-net- 
work  engineers  hampered  the 
carrier  as  it  tried  to  reassemble 
permanent  virtual  circuit 
addresses,  known  as  Data  Link 
Connection  Identifiers  (DLCI). 

MCI  WorldCom  says  it  put  10 
people  to  work  reinstalling  the 


addresses  before  finally  pulling 
the  plug  on  the  software.  “But 
they  obviously  did  not  have 
enough  techs  trained  on  rein¬ 
stalling  DLCIs,”  says  Lisa  Pierce, 
a  telecom  analyst  at  Giga 
Information  Group.  “Ten  work¬ 
ing  around  the  clock  is  fine,  but 
they  should  have  had  every 
available  body  on  it.” 

Users  also  reported  chaos 
among  account  representa¬ 
tives.  “They  never  contacted 
us,”  says  Steve  Capriolo,  direc¬ 
tor  of  technical  services  for 
Libgo,  the  parent  company  of 
Mahwah,  N.J.-based  Liberty 
Travel,  which  has  a  159-node 
WorldCom  frame  relay  net¬ 
work.  “We  couldn’t  get  any 
information  other  than  what 
we  saw  on  the  Internet.” 

Numerous  ISPs  that  rely 
on  WorldCom  frame  relay  for 
cross-country  transport  re¬ 
ported  to  their  customers  in  a 
series  of  frantic  e-mails  that 
they  couldn’t  get  reliable 
repair  dates  from  MCI  World¬ 
Com,  either. 

Some  of  those  e-mails, 
obtained  by  Network  World, 
painted  a  picture  of  a  long¬ 
distance  carrier  desperately 
trying  to  get  its  act  together, 


often  with  only  one  techni¬ 
cian  available  to  go  to  affected 
switch  sites. 

“The  [MCI  WorldCom]  tech 
is  still  en  route  to  the  Atlanta 


Ebbers  on  the  griddle 


switch.  However,  he  was  held 
up  in  traffic  and  was  delayed,” 
GTE  Internetworking  re¬ 
ported  by  e-mail  to  a  large  list 
of  IP  customers  at  one  point 
on  Aug.  8. 

All  of  GTE  Internetworking’s 
Dialinx  network  currently  runs 
over  MCI  WorldCom  frame 
relay,  says  Patrick  Klopfer,  vice 
president  and  general  manager 
of  remote  access  services  at 
GTE.  At  one  point,  75%  of  the 
Dialinx  network  lost  connectiv¬ 
ity,  Klopfer  says. 

Affected  users,  enterprise 
and  carrier  alike,  seemed  in  lit¬ 
tle  mood  to  accept  Ebbers’ 
offer  of  two  days’  credit  for 
every  day  the  network  was  on 
the  fritz. 

For  example,  Libgo  invoked 
ISDN  backup  on  almost  all  of 
its  159  WorldCom  frame  relay 
sites  when  the  outage  hit. 
“Going  up  on  ISDN  is  very 
expensive,”  Capriolo  says.  He 
had  to  pay  26  cents  per  minute 
to  Sprint  for  his  backup  lines, 
and  even  then  he  could  only 
bring  in  remote  sites  24  at  a 
time  to  a  single  ISDN  Primary 
Rate  Interface  at  headquarters. 

For  their  part,  MCI  World¬ 
Com  officials  say  they  are 
reassessing  long-held  plans  to 
migrate  legacy  MCI  Hyper- 
Stream  frame  relay  customers 
on  Nortel  network  switches  — 
who  were  not  hit  by  the  prob¬ 
lems  —  to  the  Lucent-based 
network. 

“Given  this  most  recent 
experience,  we’re  going  to  go 
back  to  the  drawing  board  and 


reassess  what  we’re  going  to 
do,”  says  Ron  Beaumont,  presi¬ 
dent  of  network  services  for 
MCI  WorldCom. 

In  all,  the  company  main¬ 
tains  four  separate 
frame  relay  networks, 
and  any  move  now  to 
pull  these  together 
apparently  would  have 
to  start  from  square 
one.  Beaumont  con¬ 
firmed  that  part  of  the 
reason  for  the  upgrade 
to  Jade  was  to  increase 
scalability  on  the  World¬ 
Com  net  to  accept  lega¬ 
cy  MCI  customers. 

The  original  net  con¬ 
gestion  was  not  due  to 
excess  customer  traffic, 
but  was  the  result  of  ex¬ 
cessive  CPU  utilization 
in  the  Lucent  switches 
triggered  by  something 
,  in  the  software  load, 
|  Beaumont  says.  That 
e  generated  too  much 
administrative  traffic, 
which  caused  each  switch  to 
toggle  repeatedly  between  its 
live  and  backup  modes. 

But  Lucent  officials  say 
nothing  like  that  had  ever 
happened  before.  Harry  Carr, 
chief  operating  officer  of 
Lucent’s  Broadband  Carrier 
Networks,  took  care  to  accept 
responsibility  for  what  he 
says  was  a  “software-related 
issue.”  But  he  also  says  the 
Jade  release  has  been  success¬ 
fully  installed  in  a  number  of 
carrier  networks,  including 
one  “about  as  large,  if  not 
larger,  than  this  network  in 
question.” 

The  WorldCom  network  in 
question  was  actually  built  by 
WilTel,  a  carrier  WorldCom 
bought  in  1995-  “WilTel  was  a 
great  company,”  Capriolo  says. 
“But  as  they  became  first  LDDS 
and  then  WorldCom  and  then 
MCI  WorldCom,  it  has  gotten 
harder  to  deal  with  them.” 
Response  times  to  turn-ups  and 
relocations  have  deteriorated, 
and  billing  snafus  have  grown. 

“Now  they’re  trying  to 
merge  all  these  networks  into 
one  network,”  Capriolo  says. 
“And  I  guess  they’re  finding 
out  they  can’t  do  that.  We’re 
sitting  down  with  Qwest  next 
week.”  B 

Senior  Editor  Denise 
Pappalardo  contributed  to 
this  story. 

Get  more  info  online. 
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More 


breaking  news 

Network  World  Fusion  now  has  more  news  than  ever. 
Check  out  these  stories  online: 


New  group  plans  testing 
for  wireless  LANs 

The  Wireless  Ethernet 
Compatibility  Alliance 
officially  makes  its  debut 
this  week.  The  group  will 
craft  a  set  of  interoperability 
tests  and  hire  an  indepen¬ 
dent  test  lab  to  administer 
them.  Products  that  pass  the 
tests  proving  they  work 
with  other  802. 1 1  products 
will  be  branded  with  the 
Alliance’s  mark.  DocFinder: 


Get  your  news  here! 

NetFlash  delivers  network 
news  to  your  e-mail  inbox, 
every  day,  free  of  charge. 
And  it  includes  occasional 
flashes  of  wit.  Sign  up  today, 
sit  back  and  let  the  news 
come  to  you. 


4338 


IBM  executive  shares  views  on  net  security 

Companies  today  cannot  afford  to  ignore  the  electronic 
business  revolution,  but  they  must  come  up  with  a  compre¬ 
hensive  approach  to  network  security  if  they  hope  to  succeed. 
This  was  the  message  from  IBM  executive  Jeffrey  Jaffe,  general 
manager  of  the  IBM  Secure  Way  business  unit  who  says  a 
“security  chasm”  currently  exists  in  many  organizations. 
DocFinder:  4339 

Lucent  and  Cisco  are  at  it  again: 

They  each  buy  another  company 

The  acquisition-mad  Lucent  ponied 
up  another  $  1 .7  billion  of  its  stock 
for  Excel  Switcliing,  a  company  that  makes  open  programmable 
switches  for  local  and  long-distance  carriers.  Meanwhile,  Cisco 
says  it  plans  to  buy  1 -year-old  MaxComm  Technologies,  a 
developer  of  broadband  Internet  technology’  that  brings 
multiple  voice  and  data  lines  into  homes.  DocFinder:  4340 


New  developments  in  the  MCI 
WorldCom  frame  relay  saga: 

•  CEO  Bernie  Ebbers  offers  users  two  days' 
credit  for  every  day  their  networks  were 
out,  but  no  credit  for  back-up  expenses  or 
lost  revenue. 

Up  to  1 00  other  carriers  were 
affected  by  the  outage, 
causing  a  ripple  effect  to  IP 
VPN  services. 

•  Ebbers  blames  Lucent 
software,  but  Lucent 
ays  the  same  code  has 
been  successfully 
installed  elsewhere. 
Enterprise  cus¬ 
tomers  say  account 
teams  were  in  the 
dark  throughout 
the  crisis. 
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MISSIO 


Manage  the  endless 
information  that  is  the 
business  as  efficiently 
as  the  systems,  networks 
and  apps  that  run  it. 


Let  it  flow /The  Division  Head  is  banking  everything 
on  the  new  line.  Customers  are  clamoring  for  details. 
Marketing  is  capturing  data.  Finance  is  crunching  the 
numbers.  Today,  business  runs  on  information.  And 
IT  has  to  keep  all  of  it  available.  All  the  time.  Relax. 
Tivoli  Management  Software  offers  a  centralized  view 
of  data  across  multiple  systems,  applications  and 
SANs.  Plus,  if  any  data  should  get  derailed,  it  can  be 
quickly  and  easily  recovered  to  get  you  right  back 
on  track.  That’s  why  IT  chose  an  integrated  storage 
management  solution  from  Tivoli  Systems  Inc.,  an  IBM 
company.  1  888  TIVOLI-1,  www.tivoli.com/storage 


Tivoli, 


Manage.  Anything.  Anywhere.' 


Give  your  world  a  big  push  with  a  simpler,  more  scalable  networic  for 
the  new  enterprise.  We’re  talking  about  the  Extreme  Networks™  Summit™ 
and  BlackSiamond™  Layer  3  switches.  They  combine  Gigabit  Ethernet, 
wire-speed  performance  and  Policy-Based  Quality  of  Service  to  give 
new  enterprise  applications  a  well-deserved  push. 

So  now,  you  can  run  everything  from  ERP  to  e-commerce,  from  voice- 
over-IP  to  co-located  server  traffic.  No  sweat.  And  because  our  switches 
share  the  same  hardware,  software  and  management  architecture,  they’re 
easier  to  manage  and  can  actually  reduce  your  network  ownership  costs. 


Nor  more  information,  call  us  or  visit  our  web  site.  It  could  be  just 
the  push  everybody  in  your  company  needs. 


www.extremenetvorks.com 

800-822-3206  (U.S.) 

♦1  818-865-2811  (Outside  O.S.) 


©  1999  Extreme  Networks,  Inc.  All  rights  reserved.  Extreme  Networks,  Summit,  NlackDiamona, 

Networking  the  New  Enterprise  and  the  Extreme  Networks  logo  are  trademarks  of  Extreme  Networks. 

All  other  company  names  or  products  are  trademarks  or  registered  trademarks  of  their  respective  companies. 

Free  Product  info  enter  NWInfoXpress  #51  online  @  www.networkworld.com/lnfoxpress 


Bus-Tech  last  week  announc¬ 
ed  a  device  that  can  significantly 
simplify  and  reduce  the  cost  of 
connecting  mainframes  to  IP- 
based  Ethernet  LANs.  The  compa¬ 
ny's  VCR-sized,  $10,000  Main¬ 
frame  Network  Appliance  can  be 
used  in  place  of  IBM  front-end 


Bus-Tech's  Mainframe  Net¬ 
work  Appliance  ties  IP  nets 
to  the  mainframe. 

processors  or  channel-attached 
Cisco  routers  to  bridge  the  gap 
between  IP  backbones  and  main¬ 
frames.  Bus-Tech  currently  offers 
the  NetShuttle  line  of  devices  for 
connecting  mainframes  to  IP, 

SNA,  IPX  and  other  types  of  nets. 
But  the  appliance  is  smaller,  less 
expensive  and  handles  IP  25% 
faster,  the  company  claims.  The 
appliance  plugs  directly  into  the 
mainframe  over  bus  and  tag 
cables  or  fiber-based  Enterprise 
Systems  Connections.  On  the  LAN 
side,  the  appliance  attaches  to  10/ 
100M  bit/sec  Ethernet  switches  or 
routers. 

Bus-Tech:  www.bustech.com 

Cabletron  has  announced  the 
availability  of  software  for  the 
company's  SmartSwitch  6500  that 
adds  fault  tolerance  and  voice 
services  to  the  ATM  switch. 

The  software  provides  en¬ 
hanced  fabric  redundancy,  pro¬ 
cessor  redundancy  and  system 
file  monitoring.  It  also  adds  resil¬ 
ience  to  ATM  nets  via  LAN  Emula¬ 
tion  Network-to-Network  Inter¬ 
face  2.0,  a  redundant  ATM  ad¬ 
dressing  system.  The  feature  set 
simplifies  ATM  set-up  by  offering 
soft  PVCs,  a  method  for  dynami¬ 
cally  configuring  ATM  circuits, 
and  boosts  net  security  via  new 
ATM  address  filtering  systems. 

The  software  is  currently  ship¬ 
ping  with  all  new  SmartSwitch 
6500  systems. 

Cabletron:  www.cabletron.com 


Infrastructure 

h  TCP/IP,  LAN/ WAN  Switches,  Routers,  Hubs,  Access  Devices, 

Clients,  Servers,  Operating  Systems,  VPNs,  Networked  Storage 

Microsoft  pumps  QoS  into  Win  2000 


Server-based  QoS 

How  Microsoft's  RSVP-based 
QoS  technology  works: 

©  The  server  application  sends  an  RSVP 
signal  to  request  the  reservation  of 
bandwidth  based  on  application  and 
user  identity. 


Server 


©  Prioritized  packets  are 
sent  out  over  the  net¬ 
work  at  the  requested 
bandwidth. 


Policy  server 


©  A  policy  enforcement 
point  (PEP)  or  Microsoft 
Admission  Control 
Server  (ACS)  translates 
the  signal  into  a  format 
that  can  be  read  by  the 
policy  server. 


(;\  (;\ 


H 


Router 


©  The  policy 
server  grants 
the  request  and 
tells  the  server 
which  Diff-Serv 
prioritization 
bits  to  mark  on 
the  packets. 


PEP  or  ACS 


Network 


BY  JOHN  FONTANA 

While  quality-of-service 
mechanisms  are  typically 
embedded  in  network 
hardware,  Microsoft  is  doing  some  slick 
work  to  align  Windows  2000  with 
emerging  QoS  standards. 

The  work,  and  its  subsequent  inclu¬ 
sion  in  Windows  2000,  will  provide  IT 
executives  with  an  operating  system- 
based  mechanism  for  requesting  band¬ 
width  for  applications  and  marking  IP 
packets  with  priority  levels  for  move¬ 
ment  over  LAN  and  WAN  links. 

Microsoft’s  approach  is  gaining 
acceptance  from  hardware  vendors,  but 
they  caution  that  QoS  intelligence  must 
stay  in  network  devices  such  as  routers. 

But  Microsoft  isn’t  fighting  that 
notion,  rather  the  company  is  seeking 
to  work  with  it. To  that  end,  Microsoft  is 
backing  an  extension  to  the  IETF’s 
Resource  Reservation  Protocol  (RSVP). 


Microsoft,  Cisco  and  others  are  work¬ 
ing  on  an  extension,  which  combines 
RSVP,  a  signaling  mechanism  used  to 


request  bandwidth,  with  another 
IETF  standard  called  Differentiated 
See  Microsoft,  page  23 


Netopia  enters  the  VPN  game 


Netopia  box  includes  firewall,  VPN  and  traffic  shaping  features. 


BY  TIM  GREENE 

ALAMEDA,  CALIF.  —  Netopia  this 
week  will  introduce  a  device  aimed 
at  helping  customers  with  multiple 
remote  offices  more  easily  set  up  virtual 
private  networks. 

The  company  will  introduce  the 
S9500,  a  VPN  box  for  branch  offices  that 
includes  a  firewall  and  traffic  shaping,  as 
well  as  VPN  capabilities  that  meet  the  IP 
Security  standard  for  authentication  and 
encryption. 

Because  the  S9500  includes  many 
functions,  it  is  ideal  for  enterprises  that 
don’t  want  to  get  bogged  down  in  piec¬ 
ing  together  a  security  package  from 
many  vendors,  says  Steve  Rigney,  a 
senior  network  analyst  with  Net- 
Reference  in  Sterling,  Va. 

The  S9500  is  designed  for  site-to-site 
connections  among  separate  offices  as 
long  as  their  Internet  connections  are 
T-l  or  smaller,  Rigney  says.  The  device 
would  be  unsuitable  for  a  large  corpora¬ 
tion  with  a  headquarters  site  connected 
to  the  Internet  by  something  larger  than 
a  T-l,  he  says. 

Netopia  needs  to  develop  interoper¬ 


ability  with  vendors  of  VPN  gear  that 
support  larger  Internet  pipes  to  be  com¬ 
patible  as  a  branch-office  device  in  a 
large  enterprise,  Rigney  says. 

The  S9500  can  be  used  in  conjunc¬ 
tion  with  dial-up  remote  access  VPNs 
using  a  Netopia  VPN  client  that  sup¬ 
ports  Windows  95, 98  and  NT. 

The  S9500  connects  to  the  LAN  side 
of  a  branch  office’s  WAN  router  via  a 
10M  bit/sec  Ethernet  connection. 

All  incoming  traffic  is  screened  by 
the  firewall.  The  S9500  decrypts  VPN 
traffic  and  sends  it  out  one  of  two  LAN 
ports. The  ports  serve  separate  LAN  seg¬ 
ments,  giving  customers  the  option  to 
send  traffic  directly  to  network  servers 
or  to  servers  in  a  demilitarized  zone  iso¬ 
lated  from  the  rest  of  the  LAN,  Netopia 
says. 

Terminating  VPN  sessions  and  en¬ 
cryption  via  Triple-Data  Encryption 
Standard  (DES)  are  done  in  Application 
Specific  Integrated  Circuits  to  enable 
wire-speed  throughput.  The  company 
says  the  box  can  handle  4,000  concur¬ 
rent  firewall  sessions  at  10M  bit/sec  and 
200  concurrent  Triple-DES  sessions  at 
1.5M  bit/sec. 


The  firewall  performs  stateful  inspec¬ 
tion  of  packets,  which  means  TCP  ports 
in  the  firewall  are  closed  unless  there  is 
no  active  connection.  The  firewall  is 
also  compatible  with  Remote  Authen¬ 
tication  Dial-In  User  Service  (RADIUS) 
servers  for  authentication  of  users  and 
is  capable  of  network  address  transla¬ 
tion  and  URL  blocking. 

Traffic  shaping  is  performed  accord¬ 
ing  to  criteria  including  IP  source  and 
destination  addresses,  and  the  TCP  port 
that  the  packet  is  assigned.  Using  such 
parameters,  network  administrators  can 
assign  one  type  of  traffic  priority  over 
another  to  guarantee  better  throughput. 

The  device  can  be  configured  and 
managed  through  a  console  port,  plug¬ 
in  modem  or  a  Web  interface. 

The  S9500  is  available  now  and  costs 
$3,695.  Clients  cost  $699  for  10  licenses. 

Netopia:  www.netopia.com 


More 

Online 

•  Search  a  product- 
specific  database  with  information 
on  57  VPN  products. 

•  See  how  vendors  answered  our  VPN 
RFP. 

www.nwfusion.com 
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DELL  SERVERS,  DESIGNED  TO  GROW  WITH  YOUR  BUSINESS. 


Whether  you’re  just  starting  a  network  or  adding  onto  a  business-critical  system,  Dell  offers  a  range  of  reliable 
servers  for  your  growing  business.  They  have  the  capabilities  to  handle  basics  like  file  sharing  to  advanced 
functions  like  e-commerce.  And  along  with  the  usual  7x24  telephone  support  and  three-year  next-business-day 
on-site  ^  service,  you  also  get  30-day  “Getting  Started”  OS  telephone  support,  perfect  for  the  growing  business 
that  needs  to  keep  moving  to  survive.  Call,  or  visit  www.dell.com  for  your  custom-built  server  today. 


The  Dell®  PowerEdge *  1 300.  An  affordable 
sewer  designed  to  offer  a  cost-effective ,  entry- 
level  network  solution. 


The  Dell  PowerEdge  2300.  Ideal  for  growing 
businesses,  the  PowerEdge  2300  provides  the 
added  reliability  of  optional  redundant  hot- 
swap  drives. 


The  Dell  PowerEdge  4300/6300.  For  addi¬ 
tional  redundancy  and  increased  availability, 
tum  to  the  PowerEdge  4300  and  6300 
servers ,  featuring  redundant  hot-swap  hard 
drives,  power  supplies  and  cooling  fans. 


DELL  POWEREDGE L  6300 


starting  at  S7539 

FEATURES 

RELIABILrrY/AVAILABIUTY 

Up  to  Quad  Pentium®  III  Xeon™  Processors 
at  500MHz 


DELL  POWEREDGE  4300 


Up  to  dual  Pentium  III  Processors  from 
450MHz -600MHz 


DELL  POWEREDGE  2300 


Up  to  dual  Pentium  III  Processors  from 
450MHz -600MHz 


DELL  POWEREDGE  1300 


Up  to  dual  Pentium  III  Processors  from 
450MHz -600MHz 


E-VALUE  CODE:  31178-290975 


Business  Lease'5  starting  at 
$249/Mo„  36  Months 


256MB  up  to  4GB1  ECC  EDO  RAM 
9GB4  (7.200  &  10.000  RPM)  up  to  36GB4 
Ultra-2/LVD  SCSI  Hard  Drives 
Up  to  252GB4  Internal  Storage  Capacity 


starting  at  $3469 

FEATURES 

REUABILITY/AVAILABILITY 

ECC  Memory,  RAID  Capable,  Hot-Swap  Hard  Drives,  Hot-Swap  Power 
Supplies  &  Cooling  Fans,  Hot-Swap  PCI-ready  Slots 


►  E-VALUE  CODE:  31178-290934 


Business  Lease15  starting  at 
$1 16/Mo.,  36  Months 


128MB  up  to  2GB4 100MHz  ECC  SDRAM 
9GB4  (7,200  &  10,000  RPM)  up  to  36GB4 
Ultra-2/LVD  SCSI  Hard  Drives 
Up  to  252GB4  Internal  Storage  Capacity 


starting  at  S1999 

FEATURES 

RELIABILITY/AVAILABILITY 

ECC  Memory,  RAID  Capable,  Hot-Swap  Hard  Drives,  Hot-Swap 
Power  Supplies  &  Cooling  Fans 


E-VALUE  CODE:  31178-290919 


Business  Lease15  starting  at 
$67/Mo.,  36  Months 


64MB  up  to  2GB4 100MHz  ECC  SDRAM 
9GB4  (7,200  &  10,000  RPM)  up  to  36GB4 
Ultra-2/LVD  SCSI  Hard  Drives 
Up  to  144GB4  Internal  Storage  Capacity 


starting  at  S1649 

FEATURES 

REUABILITY/AVAILABILITY 

ECC  Memory,  RAID  Capable,  Optional  Hot-Swap  Hard  Drives 


E-VALUE  CODE:  31178-290916 


Business  Lease15  starting  at 
$55/Mo„  36  Months 


64MB  up  to  1GB4 100MHz  ECC  SDRAM 
9GB4  up  to  36GB4  Ultra-2/LVD  SCSI 
Hard  Drives 

Up  to  108GB4  Internal  Storage  Capacity 


ECC  Memory,  RAID  Capable 
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Hot  server,  chip  packages  on  the  way  for  AS/400 


Midrange  machine  could  be  outfitted  with  Web-  and  Java-only  duties;  1 -GHz  processor  is  in  development. 


BY  CLARE  HANEY 
AND  JAMES 
NICCOLAI 

Dedicated  Java  and  Web 
server  packages  as  well  as  a 
new  high-speed  chip  may  be 
on  tap  for  IBM’s  AS/400 
midrange  machine. 

“What  I’d  like  to  see  would 
be  a  pure  Java  server,”  says 
Frank  Soltis,  IBM’s  AS/400 
chief  scientist  and  the  man 
responsible  for  creating  the 
AS/400  architecture. 

Toward  the  end  of  next 
month,  IBM  plans  to  launch  a 
dedicated  AS/400  server  for 
Domino,  the  company’s  Web 
applications  software  from  its 
Lotus  subsidiary.  “If  the 
Domino  server  is  a  success, 
we  will  do  other  specific 
ones,”  Soltis  says. 

IBM  claims  that  28%  of  all 
Domino  users  are  running 
the  software  on  the  AS/400 
already,  making  it  the  No.  2 
Domino  server  platform  after 
Windows  NT. 


Foundry  Networks  this  week 
will  make  it  more  cost-effec¬ 
tive  for  users  to  deploy  high¬ 
speed  switched  LANs  when 
the  company  unveils  an  array 
of  switches  supporting  Giga¬ 
bit  Ethernet  over  copper. 

The  new  switches  are  exten¬ 
sions  to  Foundry’s  Fastlron  II 
line  of  chassis-based  wiring 
closet  devices.  The  switches 
include  hot-swappable  mod¬ 
ules  and  power  supplies,  and 
are  also  field  upgradeable  to 
Layer  3  devices.  With  the  intro¬ 
duction  of  the  new  copper- 
based  switches,  users  can  now 
deploy  Gigabit  Ethernet  for 
about  $650  per  port,  which 
Ls  about  one-third  the  cost  of 
fiber-based  switches,  Foundry 
says. 

The  new  switches  include 
the  Fastlron  II  Plus  GC, 
Fastlron  II  GC  and  the 


In  addition  to  a  Java-dedicat¬ 
ed  machine,  Soltis  says  he 
would  also  like  to  see  a  Web- 
specific  AS/400  serv  er  become 


Function-specific  boxes  and  a 
more  powerful  processor  are  on 
tap  for  IBM's  AS/400. 


available  in  the  future,  given 
the  likelihood  that  the  applica¬ 
tion  service  provider  market  is 


Fastlron  II  Plus. 

The  Fastlron  II  Plus  GC  is 
based  on  Foundry’s  existing 
IronCore  architecture  and 
offers  up  to  64  ports  of  cop¬ 
per-based  Gigabit  Ethernet 
and  96  million  packet/sec  of 
nonblocking  performance, 
the  company  says. 

The  Fastlron  II  Plus  GC  is 
an  eight-slot  switch  that 
sports  eight-port  lOOOBase-T 
Gigabit  Ethernet  modules. 

The  box  is  designed  as  a 
data  center  switch  for  large 
enterprises. 

The  Fastlron  II  GC  is  a  four- 
slot  switch  available  in  two 
configurations:  one  that  sup¬ 
ports  24  lOOOBase-T  ports 
and  another  that  supports  16 
ports  of  lOOOBase-T  and  24 
ports  of  10/ 100Base-TX  auto¬ 
sensing  Ethernet. 

Both  switches  feature  an 
expansion  slot  for  an  addi¬ 
tional  two-  or  eight-port  fiber- 
based  Gigabit  Ethernet  mod- 


set  to  take  off.  That  trend  will 
create  more  of  a  need  for 
application-specific  hardware. 
IBM  gave  no  timetable  for 
introducing  the  new  AS/400 
machines. 

The  upcoming  Domino 
server  is  not  IBM’s  first  ven¬ 
ture  into  offering  application- 
specific  AS/400  machines, 
Soltis  says. 

A  few  years  ago,  the  com¬ 
pany  began  offering  “very 
application-specific”  AS/400 
servers  for  enterprise 
resource  planning  software 
from  SAP  AG,  J.D.  Edwards  & 
Co.  and  System  Software 
Associates,  he  says. 

An  AS/400  dedicated 
Domino  server  can  help  users 
to  consolidate  their  PC  server 
farms,  he  adds. 

“You  typically  start  out 
with  a  PC  server  running 
Windows  NT,”  Soltis  says. “You 
can’t  have  just  one,  so  at  some 
point  the  support  costs 
become  overwhelming  and 
you  need  to  consolidate  into 


ule;  an  eight-port  copper- 
based  Gigabit  Ethernet  card; 
or  a  24-port  10/100Base-TX 
board. 


Additions  to  the  Fastlron  II  line 
could  speed  Gigabit  Ethernet 
implementations. 

The  Fastlron  II  Plus  is  an 
eight-slot  Layer  2  switch  that 
provides  144  10/100Base-TX 
ports  and  two,  four  or  eight 
fiber-based  Gigabit  Ethernet 
ports. 


fewer  boxes.” 

Soltis  says  one  user  was  able 
to  reduce  his  50  Windows  NT 
servers  running  Domino  down 
to  two  AS/400s. 

In  related  news,  IBM  last 


week  offered  the  first  glimpse 
of  a  new  processor  under 
development  for  its  AS/400 
and  RS/6000  servers  called 
the  Power4,  a  test  version  of 
which  has  been  cranked  up 
to  1  GHz  in  IBM’s  laborato¬ 
ries,  the  company  claims. 

Because  clock  speed  is 
only  one  determinant  of  serv¬ 
er  performance,  IBM  has  also 
developed  a  complementary 
technology  called  “synchro¬ 
nous  wave  pipeline  inter¬ 
face,”  which  will  enable  bus 


The  switch  also  has  an 
expansion  slot  for  additional 
10/ 100Base-TX  ports,  as  well 
as  copper-  or  fiber-based 
Gigabit  Ethernet  modules. 

The  University  of  Wis¬ 
consin  in  Madison  currently 
uses  Foundry’s  fiber-based 
Gigabit  Ethernet  switches. 

But  the  school  is  interested 
in  the  new  copper-based 
offerings. 

“It  makes  perfect  sense  that 
if  you  can  use  existing  wiring 
plant,  that  is  a  good  thing,” 
says  David  Parter,  a  network 
manager  at  the  college.  “We’re 
not  making  any  purchases 
right  now  but  probably  what¬ 
ever  we  purchase  next  year  or 
late  this  year  will  take  advan¬ 
tage  of  that  copper.” 

Foundry’s  copper-based 
Fastlron  II  Plus  GC,  Fastlron  II 
GC  and  Fastlron  II  Plus  will  be 
available  in  October. 

Foundry:  www.foundrynet 
works.com 


speeds  for  the  Power4  in 
excess  of  500  MHz,  says  Frank 
Ferraiolo,  a  senior  IBM  engi¬ 
neer.  Bus  speeds  determine 
how  fast  a  processor  can 
exchange  data  with  other 


parts  of  a  system. 

“The  goal  of  the  Power4 
isn’t  just  creating  a  high-per¬ 
formance  processor;  it’s  to 
create  a  high-performance 
server,”  Ferraiolo  says. 

IBM  hopes  its  Power4  will 
be  used  in  powerful  Web 
servers  and  for  running  elec¬ 
tronic  commerce  applica¬ 
tions,  as  well  as  complex  tech¬ 
nical  and  engineering  applica¬ 
tions  that  are  used  by  the  sci¬ 
entific  community,  says  Joel 
Tendler,  a  senior  technical 
analyst  with  IBM’s  server 
group.  IBM  aims  to  start  sell¬ 
ing  the  new  processor  in  the 
second  half  of  2001  in  its 
AS/400  and  RS/6000  servers, 
he  says. 

The  Power4  incorporates 
two  processors  and  a  Level  2 
cache  on  a  single  chip.  Like 
the  test  version,  the  Power4 
will  be  built  using  copper 
wires,  rather  than  the  alu¬ 
minum  wiring  used  in  the 
current  Power3  chip. 

The  Power4  will  be  manu¬ 
factured  using  an  advanced 
silicon-on-insulator  technol¬ 
ogy,  Ferraiolo  says. 

IBM’s  64-bit  offering  will 
compete  with  chips  from 
Sun,  Hewlett-Packard  and 
Compaq,  all  of  which  are 
refining  their  own  64-bit  serv¬ 
er  processors.  Intel  is  also  due 
to  enter  the  fray  next  year 
with  its  first  64-bit  processor, 
known  as  Merced. 

The  product  version  of  the 
Power4  —  as  opposed  to  the 
test  version  —  will  be 
detailed  Oct.  5  at  the  Micro¬ 
processor  Forum,  to  be  held 
in  San  Jose. 

Haney  and  Niccolai  are 
correspondents  with  the  IDG 
News  Service. 


Foundry  cuts  price  of  Gigabit  Ethernet  deployment 

Copper-based  Fastlron  switches  offer per-port  price  of  $650,  or  about  one-third  the  cost  of  fiber  switches. 

BY  JIM  DUFFY 
SUNNYVALE,  CALIF. 


■  " What  I'd  like  to  see  would 
be  a  pure  Java  server." 

Frank  Soltis,  AS/400  chief  scientist,  IBM 
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Microsoft, 

continued  from  page  19 

Services  (Diff-Serv),  which  is  used  to 
mark  packets  with  QoS  priority  bits. 
The  companies  have  submitted  an 
IETF  draft  on  their  work,  known  as 
DClass. 

To  support  the  work,  Microsoft  has 
developed  an  API  called  Generic  QoS 
(GQoS). 

The  API  hooks  RSVP  into  applica¬ 
tions  so  they  can  request  bandwidth. 
Requests  are  made  to  a  policy  en¬ 
forcement  point  (PEP)  on  the  net¬ 
work,  such  as  Microsoft’s  Admission 
Control  Server  (ACS),  and  sent  to  a 
policy  server. 

If  the  policy  server  grants  the 
request,  it  instructs  the  host  system  to 
mark  packets  with  Diff-Serv  bits.  The 
translation  from  RSVP  request  to  Diff- 
Serv  response  is  called  DClass. 

“Microsoft’s  extension  is  a  good 
thing  in  that  it  links  two  QoS  tech¬ 
niques  in  a  useful  way,”  says  Scott 
Bradner.  the  transport  area  director  at 
the  IETF. 

“I  think  the  host  system  should  set 
priority  type  and  then  have  the  router 
or  switch  determine  if  the  packet  goes 
through."  says  Thomas  Hobika.  global 
network  engineer  for  Eastman  Kodak. 

Hobika  currently  monitors  his 
WAN,  LAN  and  metropolitan-area  net¬ 
work  links  for  uptime,  reliability  and 
utilization.  He  figures  RSVP  will  play  a 
role  in  the  future. 

Critics  chime  in 

But  the  plan  isn't  without  critics. 

“Routers  manage  where  bandwidth 
resources  are  scarce,  at  the  WAN  edge, 
and  Microsoft  manages  where  re¬ 
sources  are  not,  so  I  question  the 
approach,"  says  Tom  Nolle,  president 
of  CIMI  Corp.,  a  consultancy  in 
Voorhees,  N.J. 

Nolle  also  points  out  that  few  appli¬ 
cations  support  the  Microsoft  API. 

Indeed,  only  NetMeeting  and 
Telephony  API  3-compliant  applica¬ 
tions  incorporate  GQoS. 

Cisco  supports  applications  using 
RSVP,  but  maintains  that  QoS  intelli¬ 
gence  belongs  on  the  network.  It  also 
has  its  own  API  to  support  RSVP  sig¬ 
naling  directly  to  routers. 

"Hardware  can  change  the  service 
level  on  packets  depending  on  where 
they  are  in  the  network,  and  host-sys¬ 
tems  can’t  do  that,”  says  Alan  Marcus, 
director  of  enterprise  technical  mar¬ 
keting  at  Cisco.  “Off-the-shelf  applica¬ 
tions  are  what  we  call  untrusted,  since 
they  may  always  signal  for  the  best 
service.  We  prefer  that  the  network 
manage  them." 

Microsoft  isn't  fighting  that  view. 

"The  network  knows  about  traffic 
and  policies."  says  Ron  Cully,  lead 
product  manager  for  Windows  net¬ 
working.  “But  we  complement  it  with 


a  smart  host  that  can  mark  traffic,  ID 
users  and  make  applications  aware  of 
the  network.” 

In  addition  to  Diff-Serv,  Windows 
2000  also  supports  802. Ip  tags,  a 
specification  for  prioritizing  traffic 
over  Ethernet.  Microsoft  also  devel¬ 


oped  ACS,  which  translates  the  RSVP 
signal  into  a  format  a  policy  server 
can  read. 

Typically  a  router  —  a  PEP  — 
would  handle  the  task  executed  by 
the  ACS,  but  few  hardware  compo¬ 
nents  today  have  the  capability. 


Microsoft  also  is  using  Active 
Directory  as  a  policy  store. 

“It’s  very  clever  what  Microsoft  is 
doing.  I'm  impressed"  says  Charles 
Muirhead,  president  of  Orchestream. 
which  develops  a  policy  server  called 
Enterprise.  \Jk 


Just  like  hundreds  of  other  companies,  they 
out-tasked  WAN  management  and  saved. 

If  you  haven't  considered  out-tasking  yet.  now’s  the  time.  Out- 
tasking's  a  sweet  de.il  for  most  companies:  Substantially  lower 
costs.  No  daily  firefiglits  or  performance  troubleshooting.  And 
it  frees  up  personnel  to  do  other  important  tilings,  like  develop 
business-critical  systems.  No  wonder  so  many  companies  are 
making  the  switch  to  NetSohe. 

With  age  comes  perfection. 

NetSohe’s  a  prov  en  leader  with  a  track  record  of  success.  And 
we  guarantee  satisfaction!  That's  why  Kendall-Jackson  Winery 
relies  on  us  to  remotely  manage  their  WAN  and  provide  24X7 
fault  management,  Web-accessed  reports,  and  an  availability 
guarantee  based  on  network  uptime.  .And.  along  with  over  SIX) 
other  companies,  they  know  they  can  count  on  us  for  unmatched 
expertise,  experienced  staff,  and  advanced  tails.  Guaranteed. 

The  critics  agree: 

"Indeed.  META  Group  anticipates  that  by  2001  all  but  t/.)C 
largest  IT  skips  will  rely  on  outside  help for  deliiering  at 
least  a  portion  of  their  network  services,  with  netuvrk 
management  becoming  a  strong  candidate fir  outsourcing.  ” 

Mark  Bouchard 
META  Group 

Ready  to  make  a  case  of  your  own? 

Call  1-800 -NKTSOIVK  or  visit  vvwvv.netsoKe.com  today. 
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W  m  Internetworking  Monitor .  John  Curtis 

IPSec’s  double-edged  security 


Many  network  technologies 
have  held  the  promise  of  revo¬ 
lutionizing  and  replacing  existing  wares. 
So  it  was  with  IP  Security  (IPSec),  a  vir¬ 


tual  private  network  (VPN)  security 
technology  with  integrated  support  for 
shared  secret  key  and  digital  certificate 
authentication.  IPSec  also  supports 


encryption  with  data  encryption  stan¬ 
dard  and  Triple-DES.  IPSec  held  the 
promise  of  replacing  less  sophisticated 
security  technologies  while  still  guaran¬ 
teeing  a  level  of  interoperability  among 
different  vendors  of  IPSec  products. 

It’s  certainly  no  secret  that  IPSec  — 
indeed  any  network  encryption  tech- 
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Reliability  and  Security. 
Are  VPNs  the  answer? 
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Find  out  at... 


New  to  NetWorld+Interop,  VPN  Day, 
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aspects  of  virtual  private  networks. 
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•  Introduction  to  VPNs 

•  Cryptography  for  VPNs 

•  Secure  Remote  Access  (followed  by  demonstration) 

•  Layers  and  Secure  IP  VPNs 

•  Application  and  Circuit  Level  Proxy  VPNs 

•  Quality  of  Service  (QoS)  VPNs  (followed  by  demonstration) 

•  Reception 

•  Birds  of  a  Feather 


Who  should  attend:  network  managers, 
administrators,  operators  and  designers 
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nology  —  is  inherently  incompatible 
with  the  network  features  and  services 
that  require  the  correct  identification  of 
traffic  content.  For  instance,  because 
IPSec  hides  source  and  destination  IP 
addresses  and  port  numbers  of  the  real 
end  stations,  it  is  impossible  for  Layer  4 
switches  to  forward  IPSec  traffic  to 
appropriate  servers  or  applications. 

A  similar  problem  arises  in  running 
IPSec  connections  across  the  current 
generation  of  carrier-class  ATM-based 
VPNs.  Unlike  IPSec-based  VPNs,  today’s 
ATM  VPNs  offer  no  encryption  or 
authentication  between  ATM  edge  de¬ 
vices,  but  rather  rely  upon  dedicated  cir¬ 
cuits  across  the  ATM  cloud  with  carrier- 
controlled  access  and  authentication. 
However,  assigning  appropriate  circuits 
to  each  traffic  stream  means  identifying 
the  traffic  content,  a  task  made  virtually 
impossible  by  the  encryption  of  the  data 
content  within  IPSec  streams. 

Many  customers  could  accept  IPSec’s 
incompatibility  with  Layer  4  switches, 
and  even  with  carrier  VPN  services.  But 
few  were  prepared  for  the  incompatibil¬ 
ity  of  IPSec  with  some  of  the  leading  fire¬ 
wall  technologies.  More  specifically,  the 
best  firewall  securities  —  those  that  rely 
upon  application  proxies  —  require  that 
the  firewall  interact  directly  with  appli¬ 
cations  passing  through  it.  Unfor¬ 
tunately,  the  firewall  cannot  determine 
the  application  content  of  IPSec  traffic, 
let  alone  attempt  to  intercept  applica¬ 
tion  commands  and  data  because  all 
IPSec  content  is  encrypted. 

Allowing  IPSec  traffic  through  a  fire¬ 
wall  would  mean  punching  a  gaping 
hole  in  the  firewall  to  allow  passage  of 
any  traffic  that  matched  only  rudimen¬ 
tary  frame  header  information  that  mere¬ 
ly  suggested  that  it  was  legitimate  IPSec 
traffic.  This  might  weaken  overall  net¬ 
work  security  rather  than  strengthen  it. 

Instead,  the  strategy  many  customers 
have  been  forced  to  implement  involves 
dual  parallel  security.  This  plan  utilizes  a 
firewall  and  an  IPSec  gateway  in  parallel. 
Incoming  IPSec  connections  target  the 
gateway,  whereas  non-IPSec  traffic  tar¬ 
gets  the  firewall. 

There  is  no  question  that  IPSec  ex¬ 
ceeds  the  simple  authentication  and  ver¬ 
ification  of  a  firewall,  providing  vendor- 
independent  encryption.  The  question 
customers  should  ask  is,  “Should  we 
deploy  IPSec  with  its  sophisticated 
authentication  and  encryption,  or  rely 
upon  more  straightforward  security  sys¬ 
tems  such  as  firewalls  and  carrier-based 
circuit  VPNs  that  are  more  universally 
available?"  The  answer,  quite  simply,  is 
“Yes.”  Neither  is  perfect  and  complete. 
Neither  will  replace  the  other. 

John  Curtis  is  director  of  engineer¬ 
ing  with  The  Tolly  Group,  a  strategic 
consulting  and  independent  testing 
firm  in  Manasquan,  NJ.  Curtis  is  sitting 
in  for  regular  columnist  Kevin  Tolly 
this  week.  He  may  be  reached  at  (732) 
528-3300  or  www.tolly.com. 


24  Network  World  August  23,  1  999  www.nwfusion.com 


FREE 

NetShelter®  Bundle  Kit. 


Just  mail  or  fax  this  completed  coupon 
or  contact  APC  for  your  FREE  NetShelter 
Bundle  Kit .  Better  yet,  order  it  today  at 
the  APC  Web  site! 

Key  Code 

http://promo.a pcc.com  ni  2 9 z 

(888)  289-APCC  x7662  •  FAX:  (401)  788-2797 


Title: 


_  Company: 


Address:  _ 
City/Town:_ 
Phone: _ 


_  State:  _ 


-Zip: 


_  Country: 


Brand  of  UPS  used? . 
Brand  of  PC  used? 


Brand  of  servers  used?  _ 
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E-mail'  apcinfo@apcc.com 


132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA 


NO  POSTAGE 
NECESSARY 
IF  MAILED 
IN  THE 

UNITED  STATES 


BUSINESS  REPLY  MAIL 

FIRST-CLASS  MAIL  PERMIT  NO.  36  WEST  KINGSTON,  Rl 
POSTAGE  WILL  BE  PAID  BY  ADDRESSEE 


APC 

AMERICAN  POWER  CONVERSION 

KEY  CODE:  n129z 
Department:  B 
132  FAIRGROUNDS  ROAD 
PO  BOX  278 

WEST  KINGSTON  Rl  02892-9920 


How  to  Contact  APC 

Call:  (888)  289-APCC 

use  the  extension  on  the  reverse  side 

Fax:(401)  788-2797 

Visit:  http://promo.apcc.com 

use  the  key  code  on  the  reverse  side 


Legendary  Reliability"1 


How  to  get  rack-mount  server 
protection  in  three  easy  steps 


When  you  install  your  new  IBM, 
Compaq,  HP  or  Dell  server 
demand  the  APC  Smart-UPS®  RM 
and  NetShelter®  Power  Protected 
Enclosure  bundle  be  part  of 
the  solution. 

According  to  Contingency  Planning 
Research,  power  failure  and  surges 
account  for  45%  of  all  data  loss.  In 
high  availability  environments, 
that's  unacceptable  risk. 

Why  not  give  yourself  a  break?  Bad 
power  should  be  the  last  thing  you 
have  to  worry  about. 

Wrap  your  new  server  up  in  the 
best  armor  money  can  buy:  APC 
Smart-UPS  power  protection  and  an 
APC  NetShelter  rack  enclosure. 

APC  is  the  only  company  today 
that  can  package  top  quality  power 
protection  pre-assembled  and  pre¬ 
configured  in  a  quality  rack  for 
20%  less  than  the  competition. 

Installing  power  protection  doesn't 
need  to  be  complex  and  expensive. 
Let  the  power  of  two  work  for  you. 
Call  your  local  reseller  and  ask  for 
your  Power  Protected  Enclosure 


Simple 


•  Shipped  pre-assembled  with  UPS 

•  Free  inside  delivery* 

•  Saves  floor  space 

•  Eliminates  cabling  "rat's  nest" 

•Automatic  voltage  regulation  and  proactive 

environmental  monitoring 

•  FREE  PowerChute®  plus  software  makes  both 
local  and  remote  power  management  easy 


Smart-UPS  RM  1400  VA  plus 
NetShelter  42U  rack  AR1200 


$2,995 


Durable 


•  Physically  protects  your  server 

•  Bulletproofs  your  installations 

•  Limits  wear  and  tear  on  components 

•  Shields  your  network  cards  and  disks  with 
guaranteed  surge  suppression 

•  Strong  adjustable  framework 

•  $25,000  equipment  protection  guarantee 
with  Smart-UPS  (see  policy  for  details) 


Smart-UPS  RM  2200  VA  plus 
NetShelter  42U  rack  AR1205 


$3,550 


Flexible 


•  Organizes  your  equipment 

•  Ample  room  for  server,  UPS  and  accessories 

•  An  easy  fit  for  all  leading  server  manufacturers 

•  Robust  diagnostics  solves  problems  before 
they  happen 


Smart-UPS  RM  3000  VA  plus 
NetShelter  42U  rack  AR1210 


$3,749 


Bundle  today! 


1  All  enclosures  are  shipped  F.O.B.  APC  provides  FREE  inside 
delivery  at  no  extra  charge  with  recommended  carrier, 
United  Van  Lines. 
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FREE  NetShelter  Bundle  Kit! 


Visit  today  and  learn  how  to  get  the  protection  you  need. 


888-289-apcc  x7662  •  fax:  401-788-2797  Order  now  http://promo.apcc.com  Key  Code  n  1  29z 
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Visit  us  at  Networld  +  Interop 
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Service  Level  Management 
for  IP  Networks 


Briefs 


Amplify.net  and  Porta!  Soft¬ 
ware  are  teaming  to  offer  ISPs 
bandwidth  shaping  and  usage- 
based  billing  all  in  one.  Amplify, 
net's  bandwidth-shaping  devices 
and  Portal's  billing  software  will 
still  be  purchased  separately,  but 
Amplify.net  is  bundling  integration 
software  code  that  ties  the  two 
products  together.  When  an  ISP 
deploys  the  bandwidth-shaping 
and  usage-based  billing  features 
from  both  products,  the  bills  of 
business  users  can  be  broken 
down  based  on  traffic  type  or  ori¬ 
gin.  ISPs  will  pay  about  $125,000 
for  an  entry-level  system  that  sup¬ 
ports  up  to  25,000  subscribers. 

Amplify.net:  www.amplifynet. 
com;  Portal:  www.portal.com 

Sierra  Wireless  in  Vancouver, 
British  Columbia,  last  week  rolled 
out  its  latest  wireless  PC  card 
modem  that  lets  laptop  users 
access  any  Cellular  Digital 
Packet  Data  network  to  surf  the 
Web  or  download  e-mail.  AirCard 
300  for  Windows  installs  in  any 
laptop  running  Windows.  The 
device  fits  into  a  laptop's  PC  card 
slot  and  allows  users  to  support 
wireless  and  wireline  modems. 
AirCard  300  for  Windows  costs 
$549. 

Sierra  Wireless:  www.sierra 
wireless.com 

Pacific  Bell  recently  introduced 
Access  Advantage  Plus,  a  service 
that  delivers  voice  and  data  over 
a  single  T-1  line.  The  service  uses 
Vina  Technologies'  Multiservice 
T-1  Integrator  to  multiplex  any  mix 
of  voice  or  data  on  the  T-1's  24 
channels.  The  data  service  can 
be  dedicated  data  service  or 
frame  relay.  Pac  Bell  says  it  may 
add  ATM  to  the  mix  later.  Pricing 
for  the  line  is  $350  per  month,  plus 
the  services  customers  buy  to  run 
on  the  line.  For  example,  a  128K 
bit/sec  frame  relay  service  is  $150 
extra. 

Pacific  Bell:  www.pacbell.com 
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Frontier  set  to  jump  into  DSL  game 


BY  DAVID  ROHDE 

ROCHESTER,  NY  —  The  march  of 
major  incumbent  local  carriers  introduc¬ 
ing  their  first  digital  subscriber  line  (DSL) 
services  will  continue  this  fall,  as  Frontier 
has  slated  an  ADSL  offering  for  some  of  its 
territories. 

Frontier  will  introduce  an  asymmetric 
DSL  (ADSL)  service  with  1M  bit/sec 
downstream  and  128K  bit/sec  upstream 
capacity  at  a  price  of  $34.95  per  month, 
company  officials  confirmed  last  week. 

The  service  will  be  introduced  in 
Rochester,  N.Y.,  as  well  as  in  another  sec¬ 
tion  of  the  state  about  60  miles  north  of 
New  York  City.  The  third  initial  territory' 
will  be  an  area  south  of  Minneapolis. 

Frontier’s  intention  was  revealed  in  a 
tariff  filed  with  the  Federal  Communi¬ 
cations  Commission  earlier  this  month. 

The  company  is  a  carrier  hy  brid,  rank¬ 
ing  as  the  nation’s  fifth-largest  long¬ 
distance  carrier,  as  well  as  the  incumbent 
local  carrier  for  certain  non-Bell-company 


Getting  in  the  game 

Frontier  will  introduce  its  first  ADSL 
service  at  the  following  terms  and 
prices: 

Downstream  speed:  1M  bit/sec 
Upstream  speed:  128K  bit/sec 
Installation  charge:  $99.95 
Monthly  rate:  $34.95 
DS-3  port  for  ISPs  to  provision  ADSL: 
$1,700  per  month 


territories.  Unlike  the  Bells,  Frontier  also 
operates  a  competitive  local  exchange 
carrier  (CLEC)  division  for  the  territories 
in  which  it  doesn't  serve  as  the  incum- 
bent.The  CLEC  division  last  spring  signed 
a  deal  with  Northpoint  Communications, 
a  specialist  digital  subscriber  line  carrier, 
to  jointly  offer  DSL  service. 

But  those  joint  services  haven’t 
launched  yet,  so  the  Frontier  ADSL  offer¬ 


ings  in  New  York  and  Minnesota  will  be 
the  company’s  first  DSL  services,  says  Bill 
Hammond,  vice  president  of  product 
development  for  Frontier’s  incumbent 
territories. 

Under  the  new  service,  individual 
users  will  have  to  pay'  an  installation  fee 
and  a  monthly  fee  (see  graphic).  They’ll 
also  have  to  add  Frontier’s  regular  charge 
for  a  phone  line  for  voice  service  and  add 
an  ISP  fee  —  either  Frontier’s  or  another 
ISP’s  —  for  Internet  access. 

Hammond  says  Frontier  is  considering 
a  higher-end  symmetrical  DSL  service  — 
with  equal  bandwidth  in  both  directions 
—  for  larger  corporate  sites. 

But  analy  sts  say  Frontier’s  $34.95-per- 
month  ADSL  service  should  be  an  attrac¬ 
tive  start  and  indicates  that  there  are  few 
major  phone  companies  left  that  can 
afford  to  get  by'  without  some  ty  pe  of  DSL 
on  the  table. 

“It’s  almost  mandatory7  at  this  point,” 
says  Robert  Rosenberg,  president  of 
See  Frontier,  page  28 


NaviSite  shaping  up  its  ASP  offerings 

Oracle8i  is  the  latest  addition  to  the  lineup. 


BY  DENISE  PAPPALARDO 

ANDOVER,  MASS.  —  NaviSite  has 
begun  offering  database  application 
hosting  that  will  let  users  expand  their 
back-end  electronic  commerce  systems. 

Last  week,  NaviSite,  a  Web  hosting  ser¬ 
vice  provider  that  now  also  wears  an 
application  service  provider  (ASP)  hat, 
inked  a  deal  with  Oracle  that  lets 
NaviSite  rent  Oracle8i  database  software 
licenses  and  services  to  business  users. 

Oracle8i  lets  business  users  better 
manage  data  on  their  Web  sites,  says  Jay 
Seaton,  vice  president  of  marketing  at 
the  Andover  service  provider.  NaviSite 


offers  applications,  such  as  Engage’s  Ad 
Bureau  and  Open  Market’s  Transact,  that 
can  run  on  Oracle8i.The  applications  let 
business  users  keep  track  of  electronic 
ads  and  e-merchants  sell  wares  over  the 
Internet. 

It’s  becoming  essential  that  any  ser¬ 
vice  provider  offering  complex  Web  and 
application  hosting  also  offer  business 
users  a  direct  way  to  integrate  the 
servers  with  a  high-end  database.  Such 
databases  are  needed  to  store  sensitive 
customer  or  financial  information  asso¬ 
ciated  with  e-commerce  sites. 

Planet  Direct,  which  has  been  work¬ 
ing  with  NaviSite  for  more  than  two 


years,  has  about  100  of  its  Web  and 
Oracle  database  servers  hosted  with  the 
company'. 

“We  have  an  Oracle  parallel-server 
database  infrastructure  that  stores  all 
membership  and  content  information,” 
says  Wayne  Whitcomb,  vice  president 
of  engineering  at  Planet  Direct  in 
Andover. 

All  of  Planet  Direct’s  content  is  stored 
on  the  databases  so  when  a  Planet 
Direct  customer  logs  on  to  the  site,  a 
Web  page  is  built  on  the  fly,  Whitcomb 
says.  Planet  Direct  isn’t  using  static 
HTML  pages.  While  Planet  Direct  is 
using  Oracle8  database  servers,  it  owns 
the  software  and  the  Compaq  servers 
that  are  stored  at  NaviSite’s  Andover 
data  center. 

But  the  deal  that  NaviSite  announced 
with  Oracle  last  week  allows  NaviSite 
for  the  first  time  to  sell  Oracle8i  soft¬ 
ware  licenses  to  its  customers.  Users 
can  deploy'  the  Oracle8i  software  on 
Dell  or  Compaq  server  hardware,  which 
runs  on  NT  or  Unix  platforms,  NaviSite’s 
Seaton  says. 

NaviSite  isn’t  offering  the  OracleSi 
server  hosting  service  as  part  of  a 
specific  software  bundle,  Seaton  says. 
Users  can  deploy  any  applications  on 
their  Oracle  databases,  or  they  can 
choose  one  of  the  applications  that 
NaviSite  offers. 

See  NaviSite,  page  28 


NaviSite  spreads  its  application  arms 

ASP  NaviSite  last  week  added  0racle8i  to  its  list  of  rentable  software.  Unlike  its 

competitors,  NaviSite  specializes  in  renting  e-commerce  software  rather  than 
intranet  applications.  Here's  a  list  of  the  ASP's  offerings: 

•  AdBureau 

•  Live  Picture 

•  SiteServer 

•  Arrowpoint 

•  Open  Market 

•  Web  Trends 

•  Cybercash 

•  0racle8i 

•  Windows  Media  Technologies  :• 
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Frontier, 

continued  from  page  27 

Insight  Research  in  Parsippany,  N.J. 

The  Frontier  sendee,  based  on  Cisco’s 
line  of  DSL  Access  Multiplexers,  is  still 
being  tested  and  won’t  be  advertised 
until  the  fall,  Hammond  says. 


Jilani  Zeribi,  a  senior  analyst  at 
Current  Analysis  in  Sterling, Va.,  also  cau¬ 
tions  that  the  first  DSL  offering  from  a 
telco  simply  helps  the  company  leam 
about  the  market  and  gain  experience 
in  marketing  and  provisioning  the  tech¬ 
nology. 

The  Frontier  tariff  filing  makes  clear 


that  every  potential  customer  must  still 
go  through  a  qualification  process  to 
see  whether  the  local  loop  is  short  and 
clean  enough  for  DSL.  Hammond  says 
Frontier  will  not  offer  extra  loop  condi¬ 
tioning  for  an  extra  price,  but  will  give 
prospects  either  a  yes  or  no  answer  on 
their  DSL  capability.  That’s  been  a  com¬ 
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here’s  no  elbow  room  in  Tl.  But  you’d  pay 
a  fat  price  for  the  luxury  of  T3  services,  if 
you’re  even  offered  the  option. 

The  DL5400  MultiLink  Access  Device  from 
Digital  Link  offers  a  comfy  new  alternative.  It’s 
your  standards-based  multi-megabit  ticket  to  a 
new  level  of  price  performance  for  Internet 
and  frame  relay  access.  NxTl  capabilities  allow 
you  to  scale  bandwidth  to  over  12  Mbps. 

Like  all  of  Digital  Link’s  intelligent  demarc 
solutions,  the  DL5400  MultiLink 
Access  Device  allows  the  enterprise 
to  monitor  performance  across  the 

The  low-profile  DL5400  MultiLink  Access  Device  features  a  modular  software  Jf  yoil^VC  21*0  WI1 

and  hardware  design  which  allows  easy  reconfiguration  for  future  upgrades.  *  '  ^ 

The  unit  incorporates  web-based  network  management.  Uncomfortable  with  SeCOnd-daSS 

access  solutions,  visit  www.dl.com  or  call 
888-280-5465  today. 
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mon  pattern  with  the  incumbent  telcos, 
Zeribi  says.  “I  have  yet  to  hear  of  a  ser¬ 
vice  where  they  will  charge  the  cus¬ 
tomer  for  loop  conditioning,”  Zeribi 
says.  “They’ll  either  say,  ‘We’ll  provide 
DSL  service  to  you,’  or  ‘We  can’t.’  They 
have  their  hands  full  already.” 

But  like  some  other  telcos,  Frontier 
has  an  extra  incentive  to  roll  out  DSL 
now.  It  has  agreed  to  a  merger  with 
Global  Crossing,  an  international  broad¬ 
band  carrier  that  is  building  an  under¬ 
sea  fiber  network.  Federal  regulators 
recently  have  been  demanding  that 
merging  companies  show  some  con¬ 
sumer  broadband  deployments  before 
giving  the  thumbs  up  to  the  deal, 
Insight’s  Rosenberg  notes. 

“They’re  saying:  ‘You  want  your 
merger  —  we  want  your  DSL  offering,’ 
he  says.  B 
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•  Details  of  the  proposed 
Frontier  and  Global  Crossing  merger. 

•  A  primer  to  help  your  DSL  knowledge. 


More 

Online 


NaviSite, 

continued  from  page  27 

NaviSite ’s  deal  with  Oracle  is  the 
company’s  latest  move  in  developing 
its  ASP  business. 

In  late  June,  NaviSite  announced  a 
deal  in  which  Dell  would  buy  a  4.9% 
interest  in  NaviSite,  and  in  exchange, 
says  NaviSite  would  deploy  a  large  num¬ 
ber  of  Dell  servers  in  its  data  centers 
that  will  be  used  for  application  hosting. 

NaviSite’s  Seaton  says  that  this  isn’t 
an  exclusive  deal. 

In  the  same  month,  NaviSite  also 
inked  a  deal  with  Microsoft  in  which 
the  software  giant  took  a  4.4%  owner¬ 
ship  of  NaviSite,  which  up  until  June 
was  wholly  owned  by  CMGI.The  two 
companies  agreed  to  collaboratively 
offer  streaming  applications  based  on 
Windows  Media  Technologies,  which 
essentially  replaces  Microsoft’s  Net- 
Show  streaming  software. “Microsoft  is 
pushing  the  development  side,  and 
NaviSite  is  pushing  the  hosting  and 
management  side  of  streaming  ser¬ 
vices,”  Seaton  says. 

NaviSite  is  offering  its  business  cus¬ 
tomers  nine  applications  on  a  rental 
basis  (see  graphic,  page  27).  The  ser¬ 
vice  provider  is  focusing  more  on  Web- 
based  applications  that  enhance 
e-business,  as  opposed  to  offering 
intranet-type  software  such  as  a 
PeopleSoft  or  SAP,  Seaton  says. 

NaviSite:  www.navisite.com 
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In  today’s  world,  the  information  has  to  be  there.  If  it’s  unavailable  for  even  a  moment,  you’ll  lose  customers.  VERITAS* 


software  ensures  you  have  the  highest  level  of  information  availability  possible.  So  instead  of  losing  customers,  your 


business  can  keep  winning  new  ones.  Call  1-800-729-7894  x:  81016,  surfwww.veritas.com,  or  start  making  those  flyers. 


BUSINESS  WITHOUT  INTERRUPTION: 
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VERITAS 
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Eye  on  the  carriers  .  David  Rohde 


Carriers 


8  ISPs 


Tylenol  for  users  and  a  lesson  for  Ebbers 


Do  you  remember  the  Tylenol 
scare  of  1 982?  Pills  laced  with  cy¬ 
anide  killed  seven  people  in  the  Chicago 
area,  and  the  country  was  in  an  uproar. 


Johnson  &  Johnson’s  response? 
Instead  of  ducking  or  denying  responsi¬ 
bility,  the  company  recalled  millions  of 
bottles,  rushed  executives  out  to 


express  concern  for  the  public,  made 
the  new  bottles  tamper-proof,  and 
gained  enormous  goodwill  that  has  paid 
dividends  to  this  day. 


Integrated  OSS  from  Harris — 
Why  not  eliminate  the  puzzle? 


The  representation  of  the  Rubik’s  Cube®  is  by  permission  of  SevenTowns  Ltd.  The  overall  image  of  the  puzzle  is  a  registered  trademark  of  SevenTowns  Ltd. 


Is  your  business  looking  for  integrated 
operational  support  and  end-to-end 
process  flow? 

Or  do  you  think  they're  just  nice 
concepts?  Not  at  Harris. 

The  leading  supplier  of  Enterprise 
Network  Management  systems  to 
the  CLEC  industry  is  now  offering 
complete  turnkey  integrated  OSS 
solutions — through  integration.  With 
the  support  of  our  technology  part¬ 
ners,  Harris  offers  service  providers  a 
complete  management  solution  for 
their  telecommunications  networks. 
From  service  order  management  to 
network  management,  Harris  offers 


a  powerful,  integrated,  open-archi¬ 
tecture  OSS  solution  that  interfaces 
with  any  vendor's  communications 
equipment.  And,  our  bundled  service 
approach  gives  you  the  features  you 
need  to  launch  operations  immediately 
and  to  remain  competitive  and  cost 
effective  as  you  deploy  new  services. 

Harris  is  a  leading  software  provider 
that  offers  a  complete,  turnkey  soft¬ 
ware  and  hardware  solution  to  wire¬ 
less  and  wireline  service  providers. 

Our  power  is  integration. 

Let  us  solve  your  network  puzzle  and 
take  your  business  to  the  next  level. 


next  !e  vet  solutions 

WIRELESS 

BROADCAST 

GOVERNMENT 

NETWORK  SUPPORT 


1  -800-4-HARRIS  ext.  4703  .  1 -407-727-9207  ext.  4703 
www.harris.com 


HARRIS 
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This  classic  lesson  in  corporate  com¬ 
munications  was  completely  lost  on 
MCI  WorldCom  during  its  atrocious 
response  to  its  recent  frame  relay  crisis. 

Customers  said  that  account  reps 
were  still  reporting  a  simple  congestion 
problem  even  as  frame  relay  circuit  ad¬ 
dresses  were  being  lost.  UUNET’s  net¬ 
work-status  Web  page  maintained  the 
same  message  for  days  that  MCI  World¬ 
Com  frame  relay  was  suffering  “intermit¬ 
tent  outages”  and  promised  detailed 
updates  that  never  came.  And  it  took 
MCI  WorldCom  CEO  Bernard  Ebbers  1 1 
days  to  explain  the  situation. 

The  company’s  motivation  for  all  this 
stonewalling  was  more  than  a  simple 
bureaucratic  circling  of  the  wagons.  It 
seems  officials  figured  that  if  Ebbers  or 
other  executives  came  out  to  talk  about 
the  problem,  they  would  have  had  to 
acknowledge  something  far  worse  (in 
their  minds)  than  an  outage. 

They  would  have  had  to  explain  that 
MCI  WorldCom  really  has  several  frame 
relay  networks  —  only  one  of  which 
was  on  the  blink  —  and  it  still  has  a  long 
way  to  go  to  integrate  them.That  reality 
doesn’t  square  with  MCI  WorldCom’s 
“On-Net”  corporate  posture  of  an  end- 
to-end  global  integrated  network. 

So  instead,  a  company  spokeswoman 
told  the  general  press  that  some  ill- 
defined  portion  of  “the  MCI  WorldCom 
frame  relay  network”  (something  that 
doesn’t  really  exist)  had  suffered  con¬ 
gestion  problems  affecting  15%  to  30% 
of  the  company’s  customers. 

In  the  end,  the  strategy  did  not  work. 
Ebbers  had  to  come  forward  and  say  not 
only  that  the  company  maintains  multi¬ 
ple  nets  but  also  that  integration  might 
not  be  the  way  to  go  any  more.Then  he 
laid  the  whole  problem  at  Lucent’s  feet, 
emphasizing  that  MCI  WorldCom  itself 
doesn’t  make  switch  software. 

Don’t  large  carriers  work  with  their 
vendors  on  hardware  and  software 
upgrades? 

When  AT&T  had  its  frame  relay  out¬ 
age  in  April  1998,  it  caused  widespread 
failures  of  cash  machines  and  point-of- 
sale  terminals  —  far  worse  than  any¬ 
thing  MCI  WorldCom  experienced.  Yet 
right  now  it  seems  that  more  MCI 
WorldCom  customers  are  mad  enough 
to  seek  a  new  carrier  than  AT&T  cus¬ 
tomers  were.  Why?  Probably  because 
this  event  exemplifies  the  tension  at 
MCI  WorldCom  between  the  theory  of  a 
great  collection  of  telecom  assets  and 
the  ongoing  reality  of  customer-account 
battles,  billing  problems  and  network- 
integration  headaches. 

Next  time  Ebbers  should  take  a  page 
from  the  Tylenol  playbook,  the  way 
AT&T  CEO  C.  Michael  Armstrong  did. 
Ebbers’  failure  to  move  quickly  and  deci¬ 
sively  only  made  the  situation  much, 
much  worse. 

Rohde  is  a  senior  editor  with 
Network  World.  He  can  be  reached  at 
drohde@nww.  com. 
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In  ter  I  iant  Solutions  @  Wo  r  k 


Your  on-site  hardware,  our 

efficient  off-site  management 


When  a  manufactured  housing  retailer  with 
hundreds  of  home  centers  nationwide  needed 
a  powerful  solution  to  provide  better  customer 
service  and  enable  JIT  manufacturing,  the  chal¬ 
lenges  were  many.  The  company’s  geographically 
dispersed  staff  of  computer  novices  needed  ready 
access  to  information  as  well  as  collaborative  tools 
In  addition,  an  aggressive  timeline  and  stringent 
cost-efficiency  imperatives  meant  additional  IT 


Look  after  your  business 
instead  of  your  servers 


24  x  7  administration,  monitoring 
and  performance  tracking 


A  scalable  solution  at 


a  predictable  cost  staff  was  out  of  the  question. 


Unmatched  security 


By  leveraging  the  bandwidth  and  expertise  of 
Interliant,  the  world’s  leading  hosting  services 
provider,  the  company  handily  achieved  its 


Act  now  and  receive  free 
hosting  for  two  months 


Interliant 


BUILDING  GLOBAL  COMMUNITIES 


objectives.  Working  closely  with  its  IT  personnel 
and  application  developers,  Interliant  implemented 
a  large,  stable  and  scalable  WAN  that  links  servers 
at  each  retail  location  to  manage  inventory,  track 
customer  leads  and  provide  messaging  —  all  with 
minimal  use  of  staff  resources.  And,  thanks  to 
clearly  defined  standard  hardware  and  software 
configurations,  fully  functional  replacement  units 
can  ship  within  24  hours  in  the  unlikely  event  of 
a  hardware  failure. 


Now  you  can  achieve  the  impossible  without 

/.  ;  _  V  ’-.  Tv 

stretching  your  resources  to  the  limit.  It’s  all 

'  ■  -  v.  >. .Jr 

within  your  control  with  Interliant’s  remote 


server  management  option. 


■*? 


www.interliant.com/control  or  1-800-326-9585 


■ 
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iNTECjRATEd  SECunhy  Now 


Solutions  for  Securing  e-Business 


rex 


Check  Point’s  industry-leading 
VPN'l  &  FireWall-1  technology 
secures  the  network. 


OPSEC 


Outsource  your  network 


is  the  industry’s  most  complete 


NOKIA 

Connecting  People 


security  management 
with  confidence. 
ePatrol™ 

Enterprise  Security 
Management 


framework  of  managed 
Internet  security  services, 
&  includes 
FireWall-1,  VPN-1, 
FloodGate-1  &MetaIP. 


Ensure  uninterrupted  service  &  peak  performance 
with  high  availability  for  your 
mission-critical  VPN-1  &  Fire  Wall- 1. 
Rainwall  is  fully-scalable  HA  software 
designed  to  address  vital  issues  such  as  availability, 
scalability  &  performance. 


L _ 

T'  f  most  critical  features  in  a  network  security  solution. 
That’s  why  OPSEC  (Open  Platform  for  Secure  Enterprise 
Connectivity)  certification  by  Check  Point  Software 
continues  to  set  the  architectural  standard  for  secure 
enterprise  networking. 


Together  Nokia  &  Check  Point 
provide  the  most  advanced  security 
appliances  available.  Simple  to 
deploy  &  maintain,  these 
high  performance  solutions 
offer  high  availability 
&  clustering  to  protect 
mission  critical  applications. 


ALADDIN 


Securing  the  Global  Village 

Protect  your  network  from  viruses, 
vandals,  &  inappropriate  content  using 
Aladdin’s  powerful  content  security  system. 
eSafe  Protect  Gateway 
scans  &  cleans  all 
FTP,  SMTP  &  HTTP  traffic. 


SECURE  SOLUTIONS 


OPSEC  guarantees  that  everything  works  together 
seamlessly  from  the  start — "best-of-breed”  hardware, 
software  and  services.  What’s  more,  over  200  companies 
have  embraced  the  OPSEC  architecture,  giving  you 
unprecedented  choice,  flexibility  and  performance  in  a 
network  security  solution. 

No  matter  how  daunting  your  company’s  network  security 
challenge,  there’s  an  OPSEC  solution  to  help  you  meet  it. 
For  more  information,  including  downloadable  evaluation 
software  and  a  complete  list  of  OPSEC  partners,  visit  the 
OPSEC  website  at:  www.Opsec.com/solutions 


FI  Check  Point1 

i  Software  Technologies  Ltd. 
www.checkpoint.com 


Ad  No#  2  in  a  Series 


©1999  Check  Point  Software  Technologies,  Ltd.  All  rights  reserved.  Check  Point,  the  Check  Point  logo,  and  OPSEC  are  trademarks  or  registered  trademarks  of  Check  Point  Softw  are  Technologies,  Ltd. 
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Enterprise 


Briefs 


Novell  last  week  began  offer¬ 
ing  companies  a  chance  to  pre¬ 
view  the  latest  enhancements  to 
its  GroupWise  e-mail  and  collab¬ 
oration  software.  The  GroupWise 
5.5  Enhancement  Pack  is  now  in 
open  beta  and  can  be  down¬ 
loaded  from  Novell's  Web  site. 
The  new  features  include  in¬ 
creased  security  and  the  ability 
to  access  multiple  e-mail  sys¬ 
tems  from  the  same  client  work¬ 
station.  Users  can  download  the 
GroupWise  5.5  Enhancement 
Pack  beta  by  going  to  http:// 
support.novell.com/beta/public 
and  clicking  on  Directory  En¬ 
abled  Applications. 

Microsoft  last  week  said  it 
plans  to  publish  the  protocol  for 
its  MSN  Messenger  Service. 

The  announcement  is  the  latest 
salvo  fired  in  Microsoft's  battle 
with  America  Online  over  in¬ 
stant  messaging  standards. 
Microsoft  will  present  the  proto¬ 
col  as  a  draft  to  the  Internet 
Engineering  Task  Force's  Instant 
Messaging  and  Presence 
Protocol  working  group  by  the 
end  of  this  month. 

Inxight  Software,  a  wholly- 
owned  subsidiary  of  Xerox,  is 
looking  to  make  a  splash  in  the 
corporate  portal  arena  with  a 
slew  of  new  releases.  Using 
technologies  developed  in  the 
labs  of  Xerox/PARC,  Inxight  is 
focusing  on  the  portal  user  inter¬ 
face  rather  than  back-end  inte¬ 
gration.  At  the  Seybold  show  — 
Aug.  30  to  Sept.  3  —  the  com¬ 
pany  will  demonstrate  Summary 
Server,  which  creates  an  on-the- 
fly  summary  of  documents,  and 
Site  Lens  Studio,  which  visually 
maps  relationships  among  docu¬ 
ments.  The  company  will  roll  out 
a  number  of  other  document 
mapping  and  categorization 
technologies  through  the  first 
quarter  of  next  year. 

Inxight:  www.inxight.com 


Concord  pack  diagnoses  application  health 


BY  CAROLYN  DUFFY 
M ARSAN 

Enterprise  network  professionals 
can  get  a  better  handle  on  the 
performance  of  their  applica¬ 
tions  and  network  services  with  new  soft¬ 
ware  from  Concord  Communications. 

Called  Network  Health-Response,  the 
software  is  designed  to  provide  cus¬ 
tomers  with  the  data  they  need  to  opti¬ 
mize  net  performance  and  achieve 
agreed-upon  levels  of  service  while  sav¬ 
ing  money  on  monthly  network  bills, 
company  officials  say. 

“We’ve  expanded  Network  Health 
from  just  looking  at  the  network  infra¬ 
structure  —  the  routers,  switches, 
remote  access  boxes  and  servers  —  to 
look  up  through  the  application  layers,” 
says  Kevin  Conklin,  vice  president  of 
marketing  at  Concord.  “We  can  now  mea¬ 
sure  how  well  the  end-user  applications 
are  being  delivered  over  the  network.” 

Network  Health-Response,  which  will 
be  announced  this  week,  measures  the 
performance  of  applications  from  SAP, 
PeopleSoft  and  Oracle,  as  well  as  Lotus 
Notes  and  Microsoft  Exchange. The  soft¬ 
ware  also  measures  the  response  times 
and  availability  of  such  network  services 
as  HTTP,  Dynamic  Host  Configuration 
Protocol,  Domain  Name  System  and  FTP. 


The  big  picture 

Concord's  Network  Health-Response  gives  net  professionals  a  graphical  view 
of  their  network  and  application  performance. 


In  conjunction  with  the  network  infra¬ 
structure  measurements  provided  by  the 
Network  Health  package,  the  new  capa¬ 
bilities  let  administrators  pinpoint  net¬ 
work  slowdowns  and  plan  upgrades  to 
resolve  them. 

Bundled  in  Network  Health-Response 
is  PulseCheck  Agent,  client  software 
from  FirstSense  Software. The  agent  mea¬ 
sures  end-user  application  performance 


and  reports  that  information  back  to  the 
Network  Health-Response  server,  which 
runs  on  a  dedicated  Unix  or  Windows 
NT  box.  Administrators  access  server  or 
agent  data  via  a  Web  browser  that  can  be 
customized  to  provide  views  for  net¬ 
work  designers  and  operators,  and  busi¬ 
ness  managers,  among  others. 

Network  Health-Response  also  sup- 
See  Concord,  page  34 


FastLane  lets  users  practice,  prepare  for  Active  Directory 


BY  JOHN  FONTANA 

If  Carnegie  Hall  can  be  reached  with 
practice,  practice,  practice,  maybe  the 
same  concept  can  be  applied  to  enter¬ 
prise  network  sites  keen  on  moving  to 
Microsoft  ’s  Active  Directory. 

FastLane  Technologies  hopes  so.  The 
company  last  week  shipped  DM/Admin- 
istrator  4.1,  a  directory  administration 
software  tool  that  lets  Windows  adminis¬ 
trators  create  Active  Directory-like  dele¬ 
gation  controls  within  NT  domains. 

The  features  of  DM/ Administrator  4.1 
are  available  now  for  administration  and 
security  enforcement  on  NT  4.0.The  soft¬ 
ware  is  aimed  at  helping  customers  move 
toward  implementing  Active  Directory. 

Other  vendors  also  are  developing 
tools  that  bridge  the  gap  between  NT 
domains  and  Active  Directory. 

The  tools  are  likely  to  be  a  welcome 
crutch  for  administrators  who  are  per¬ 


plexed  by  Active  Directory  and  plan  to 
move  slowly  as  they  wait  for  Windows 
2000  to  mature. 

“These  sorts  of  tools  will  be  a  help  dur¬ 
ing  migrations,”  says  Bruce  Robertson,  an 
analyst  with  Meta  Group. 

DM/Administrator  4.1,  a  piece  of 
FastLane’s  DM/Suite,  features  a  tool  for 
creating  a  centralized  administration 


point  for  all  NT  4.0  domains  regardless  of 
existing  trust  structures.  The  feature  is  a 
mirror  of  what  will  be  available  in  Active 
Directory,  which  is  expected  to  ship  by 
year-end. 

“The  4.1  release  spans  NT  4.0  and 
Active  Directory,  so  the  unified  structure 
can  be  migrated  directly  to  Active 
Directory,”  says  Keith  Miller,  product  man¬ 
ager  for  DA/Administrator. 

Other  features  let  users  assign  policies 
to  NT  home  or  share  directories  to  restrict 
the  rights  of  administrators  assigned  to 
those  directories.  Users  can  track  and  log 
activity  in  the  home  and  share  directories. 
The  software  also  lets  predefined  roles  be 
created  and  assigned  based  on  administra¬ 
tive  duties.  Also,  Version  4. 1  allows  the 
administration  of  groups  of  users  rather 
than  just  individuals. 

DM/Administrator  4. 1  is  available  now 
and  is  priced  at  $7  per  managed  user. 

FastLane:  www.fastlanetech.com 
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Enterprise  Applications 


IBM  readies  handheld  version  of  MQ  middleware 


BY  JOHN  cox 

IBM  is  about  to  take  a  major 
step  forward  in  disconnecting 
handheld  computers  from  PCs 
and  letting  them  gain  direct 
access  to  entetprise  applica¬ 
tions  and  resources. 

IBM’s  Hursley  Park  Labora¬ 
tory  in  Britain  has  created  for 
these  devices  a  midget  version 
of  the  company's  widely  used 
MQSeries  messaging  middle¬ 
ware  called  MQSeries  Every¬ 
where  (MQ/e).  Messaging 
products  can  be  thought  of  as 
a  delivery  service  for  applica¬ 
tions  —  taking  information 
from  one  application,  putting  it 
into  a  special  package  (or  mes¬ 
sage)  and  shipping  it  to  other 
applications  for  their  use. 

If  MQ/e  becomes  widely 
implemented,  enterprise  net¬ 
work  managers  will  have  a  tool 
they  need  to  bridge  the  gap 
that  exists  today  between 
handheld  applications  on 
handheld  devices  and  those  on 
servers  and  mainframes. 

Many  handheld  computers 
and  personal  digital  assistants 


are  designed  to  work 
only  with  the 
applications  on  the 
users’  PC.  Some  third- 
party  software  pack¬ 
ages  are  available  to 
copy  data  between 
these  devices  and 
one  or  more  databas¬ 
es.  But  it  remains 
awkward  and  time- 
consuming  to  forge 
workable  links  be¬ 
tween  such  dissimilar 
applications. 

With  MQ/e,  appli¬ 
cations  on  a  handheld 
can  pass  information 
to  a  MQSeries  gate¬ 
way  on  the  corporate 
network.  From  there,  the  infor¬ 
mation  can  be  passed  to  any 
other  enterprise  application 
that  makes  use  of  the 
MQSeries  APIs.  Those  applica¬ 
tions,  in  turn,  can  send  data 
back  to  the  handheld. 

MQSeries  assembles  and  dis¬ 
assembles  the  messages,  nego¬ 
tiates  security,  encrypts  the 
messages  and  authenticates 
users.  If  a  link  or  computer 


Remote  data  processing 

A  handheld  version  of  IBM's  MQSeries  messaging  middleware  will  let  users 
pass  information  directly  to  existing  enterprise  applications.  A  beta  version  of 
the  software  is  due  this  fall. 

Q  The  handheld  sends  data  to  the  MQ  gateway  server  via  a 
wireless  connection. 


Q  A  user  enters  order  data  on  a 
handheld  device;  data  is 
formated  as  an  MQ  message. 


Hand¬ 
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device 


Cell  phone 


Corporate 

headquarters 


Wireless 

network 


Q  MQ  gateway  passes  data  to 
enterprise  application  servers. 


fails,  the  software  preserves 
the  information  and  retrans¬ 
mits  it  once  a  connection  is 
restored. 

“It  lets  these  devices  do 
much  more  than  just  e-mail,” 
says  Ron  Lamb,  IBM’s  MQ¬ 
Series  business  unit  executive. 
“With  MQ/e,  you  can  send  an 
application  message  with  guar¬ 
anteed  delivery.  For  applica¬ 
tions  such  as  online  stock  trad¬ 


ing,  making  sure  you  do  the 
transaction  only  once  is  obvi¬ 
ously  very  important.” 

For  example,  a  salesman  can 
take  an  order  at  a  customer 
site,  filling  in  customer  name, 
part  number  and  quantity  on 
an  electronic  form  on  his  Palm 
Computing  or  Windows  CE 
handheld.  The  application 
sends  a  message  to  the  MQ/e 
device  code  on  the  handheld. 


The  salesman  dials  in 
to  the  server  using  his 
cell  phone. 

Messages  are  passed 
to  the  MQ/e  gate¬ 
way,  which  routes 
them  to  back-end  sys¬ 
tems  to  check  credit 
rating,  inventory  and 
delivery  data.  Return 
messages  are  sent  back 
to  the  handheld,  and 
the  salesman  closes 
the  deal. 

Each  client  device 
must  be  listed  in  an 
Lightweight  Directory 
Access  Protocol-com¬ 
patible  enterprise  di¬ 
rectory.  This  directory 
object  holds  information  such 
as  the  telephone  number  to  be 
used  by  the  gateway  in  sending 
MQ  messages  to  the  device. 

In  September,  IBM  will 
release  a  beta  version  of  MQ/e 
to  a  select  group  of  software 
vendors.  The  final  product  will 
probably  be  released  sometime 
in  2000. 

IBM:  www.software.ibm. 
com/ts/mqseries/ 


Tibco  expands  middleware  for  Web  commerce 


ActiveEnterprise  2.0 

Tibco's  ActiveEnterprise  2.0  is  a  set  of  programs  for  linking 
applications  on  different  computers.  Key  features  include: 

•  The  ability  to  send  database  updates  to  applications. 

•  A  new  message  broker,  adding  support  for  XML  data  schema  to  simplify 
moving  data  between  applications. 

•  A  custom  Web  portal  that  lets  corporate  customers  add  enterprise  data 
to  Corporate  My  Yahoo  Web  pages. 


BY  JOHN  COX 

The  latest  release  of  middle¬ 
ware  from  Tibco  Software  adds 
a  set  of  programs  designed  to 
let  customers  more  easily 
blend  back-end  applications 
with  new  Web-based  electronic 
commerce  systems. 

Web  pages  are  deceptively 
simple  to  create.  But  transacting 
electronic  business  means  the 
pages  have  to  be  linked  with  an 
array  of  back-end  corporate  sys¬ 
tems,  such  as  billing,  inventory, 
production  scheduling  and 
delivery.  Tibco’s  ActiveEnter¬ 
prise  2.0  is  a  toolbox  for  creat¬ 
ing  these  links. 

The  heart  of  the  Active- 
Enterprise  suite  is  TIB/Rendez- 
vous,  an  application  messaging 
system.  Information  about  a 
new  order,  for  example,  is 
stripped  from  a  Web  form, 
packaged  into  a  special  mes¬ 
sage  format  and  routed  to  a 
scries  of  enterprise  applica¬ 
tions,  which  check  inventory 
and  credit,  create  the  purchase- 
order  and  schedule  delivery. 
The  result  is  that  Web  users 


placing  orders  can  get  the 
order  confirmed  quickly,  while 
they’re  still  watching  their 
screens,  rather  than  learning 
later  that  they  forgot  to  enter 
some  information. 

For  messaging  between 
object-oriented  applications, 
ActiveEnterprise  uses  the  TIB/ 
Object  Bus,  which  lets  reusable 
software  objects,  or  compo¬ 
nents,  find  each  other  over  a 
network  and  work  together. 

In  Version  2.0,  Tibco  has 
added  a  half-dozen  new  or 
improved  parts.  For  example, 
the  TIB/Adapter  for  Active 
Database  tracks  changes  to  a 


database  and  then  messages 
relevant  applications. 

A  new  version  of  TIB/Mes- 
sage  Broker  now  supports  data 
schema  based  on  XML.  Message 
Broker  will  now  be  able  to 
“read”  information  about  a  pur¬ 
chase  order  created  by  SAP  AG’s 
R/3  business  software,  for  ex¬ 
ample,  store  it  in  XML,  and  then 
share  it  with  any  other  applica¬ 
tion  that  also  supports  XML. 

Pricing  varies  according  to 
the  number  of  users,  servers 
and  the  specific  Active- 
Enterprise  components  select¬ 
ed  by  the  customer. 

Tibco:www.  tibco. com 


Concord, 

continued  from  page  33 

ports  network-response  mea¬ 
surement  tools  from  third  par¬ 
ties,  including  Cisco,  Ganymede 
Software,  Response  Networks 
and  NetScout  Systems. 

The  addition  of  applica¬ 
tion  monitoring  to  Network 
Health’s  already  comprehen¬ 
sive  network  performance  sta¬ 
tistics  is  a  plus  for  Concord’s 
customer  base,  says  Kathrin 
Winkler  of  Renaissance  World¬ 
wide  in  Newton,  Mass. 

“Managing  the  interior  of 
the  network  is  important,  but  it 
doesn’t  measure  the  impact  on 
the  end  user.  On  the  flip  side, 
measuring  only  the  impact  on 
the  end  user  doesn’t  help  you 
do  anything  to  address  a  prob¬ 
lem, ’’Winkler  says. 

Booz  Allen  &  Hamilton,  a 
consulting  firm  based  in 
McLean,  Va.,  used  the  beta 
version  of  Network  Health- 
Response  to  measure  the  per¬ 
formance  of  its  virtual  private 
network.  The  company’s  net¬ 
work  spans  30  sites,  supports 
10,000  users  and  features  75 
network  devices. Tlie  company 
used  the  software  to  measure 


the  end-to-end  response  time 
between  the  corporate  net¬ 
work  and  the  remote  sites. 

“It  was  an  eye-opening 
experience,”  says  Trent  Gibson, 
system  administrator  with 
Booz  Alien.  “We  saw  a  lot  of 
high  spikes  in  the  response 
times,  whether  from  conges¬ 
tion  on  the  Internet  or  our  ISP. 
Network  Health  enabled  us  to 
get  a  baseline  for  the  kind  of 
performance  we  can  expect 
from  the  different  sites.” 

Jerald  Murphy,  program  direc¬ 
tor  for  global  network  strategies 
at  the  Meta  Group  consultancy, 
says  new  products  such  as 
Network  Health-Response  are 
“the  first  step  toward  integrat¬ 
ing  end-to-end  service-level 
management  for  business.These 
products  take  all  the  techno¬ 
geek  information  and  report  it 
in  a  way  that  a  business  person 
can  understand.  They  demystify 
the  information.” 

Network  Health-Response  is 
an  add-on  module  that  runs  in 
conjunction  with  Concord’s 
Network  Health  software.  The 
new  module  ships  this  month 
and  costs  $  15,000.The  Network 
Health  console  costs  $10,000. 

Concord:  www.concord.com 
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Even  though  we’re  #1  in  storage  man¬ 
agement  and  have  received  virtually 
every  industry  award  in  the  category, 
we’re  not  about  to  start  resting  on 
our  laurels. 

To  the  contrary,  we’re  investing  more 
money  in  R&D  than  ever  before,  and  it  shows. 

With  a  broad  range  of  exciting  new 
features  and  benefits,  ARCserves/r  remains 
today’s  most  advanced  storage  manage¬ 
ment  solution,  and  now  it’s  available  in 
three  editions  to  address  the  specific  needs 
of  your  organization. 

ARCs erve/7  Workgroup  Edition  protects 
your  Windows  NT  LAN.  With  comprehensive 
backup  for  both  server  and  attached  clients, 
online  backup  of  business  applications  and 
fast  remote  disaster  recovery,  this  solution 
has  everything  a  small  environment  needs. 


Features 

Computer  Associates 
ARCserve/7v6.6i* 

Legato  Seagate  Backup 
NetWorkervs.i  Execv7.2 

Built-In  Unicenter  TNG®  Framework"  Management 

✓ 

Java-Based  Remote  Management 

✓ 

✓ 

Free  Small  Tape  and  Optical  Library  Support 

✓ 

Flexible  Directory  Level  Open  File  Backup 

✓ 

Unattended  Remote  Disaster  Recovery 

✓ 

Dynamic  Tape  Drive  and  Library  Re-Configuration 

✓ 

High-Speed  Image  Backup 

✓ 

Free  RAID  Fault  Tolerance 

✓ 

Shared  Tape  Library  Support  (ACSLS) 

✓ 

V 

Fibre  Channel  SAN  Solution 
for  Windows  NT  and  NetWare 

✓ 

✓ 

Unicenter  TNG®  Integration 

✓ 

✓ 

AS/400  Client  Agent 

✓ 

Complete  MVS,  0S/390  Storage  Solution 

✓ 

Messaging  System  Protection 

■  Microsoft  Exchange 

■  Lotus  Notes 

■  GroupWise 

$ 

i  * 

ARCser ve/T Advanced  Edition  is 

Enterprise  Edition  protects  and  manages 

a  scalable  solution  that  offers  central 
ized  management  for  medium  to 
large  environments  that  require 
multiple  platforms  and  advanced 
technology  support. 

ARCs erve/T  Enterprise  Edition 
provides  comprehensive  support  for  large- 
scale,  more  complex  and  demanding 
enterprise  environments.  With  cross-platform 
administration,  exceptional  performance, 
and  unmatched  reliability,  ARCserve/T 


your  data  from  desktop  to  data  center. 
But  don’t  let  all  of  the  power 
and  advanced  functionality  fool  you. 
ARCserve/Tis  still  as  friendly  and 
easy  to  use  as  ever.  Just  what  you 
would  expect  from  the  industry  leader  in 
systems,  network  and  storage  management. 

To  receive  your  FREE  Trial  Copy,  visit 
www.cai.com/ads/arcserveit  or  call 
1-877-2  GO  FOR  IT.  Also  available  through 
CA’s  Open  License  Program ' 


( Computer ® 
Associates 

Software  superior  by  design. 
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Free  Product  info  enter  NWInfoXpress  #50  online  @  www.networkworld.com/lnfoxpress 
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unpleasant  surprises.) 


pentium®/// 


NEW!  E-1400  ultramanageable, 

ultraserviceable  business  desktop 

•  Intel®  Celeron™  processor-based  PC 
with  128K  full-speed  L2  cache 

•  Space-saving:  one  of  the  industry’s 
smallest  footprints  with  3-bay 
convertible  chassis 

•  4MB  AGP  graphics 

•  Complete  configuration  starting 
at  $899,  including  15"  monitor 
(13.9"  viewable) 


r 


E-3200  integrated 

high-performance  desktop 

•  Intel®  Pentium®  III  processor 
performance 

•  5-bay  convertible  chassis, 
allowing  horizontal  or  vertical 
placement 

•  High-performance  8MB 
AGP  graphics 

•  Complete  configuration 
starting  at  $1199,  including 
15"  monitor  (13.9"  viewable) 


Ad  Code:  000465 
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If  there’s  one  line  of  business  desktops  that  will  make  your  IT  job  easier,  it’s  the  E-Series, 
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available  only  from  Gateway.  Custom-built  to  your  company’s  needs,  E-Series  desktops 
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feature  a  powerful  combination  of  performance,  affordability,  and  most  important,  simplicity.  .1 


Stable  platforms  with  an 
18-month  lifecycle 


Built  with  reliable, 
industry-standard  technology 


Compatible  with  leading 
enterprise  management  software 


Wired  for  Management  1.1,  providing 
Wake-up  On  LAN,  DMI,  and  hardware 


monitoring  and  alerting 


Enhanced  serviceability  with  tool-free 
access,  snap-in  components  and 
clean  cable  management 


E-4200  non-integrated 
high-performance  desktop 

•  Intel  Pentium  III  processor  performance 

•  Wide  range  of  configuration  options  in 
3  cases,  up  to  11-bay  design 

•  High-performance  16MB  AGP  graphics 

•  Complete  configuration  starting 
at  $1225,  including  15"  monitor 
(13.9"  viewable) 


CALL _ CLICK _ OR  COME  IN  to  a  gateway  business  solutions™  center 

1-888-888-0779  www.gateway.com  Gateway  Country® 

oux  Citv.SD  57049-1951  for  a  free  copy  of  our  limited  warranties  and  on-site  service  agreements.  On-site  customers:  If  Gateway  determines  on-site  service  is  necessary.it  will  he  provided  for  product  in  the  continental  United  States.  Alaska,  Hawaii,  Puerto  Rico  and  Canada  (excluding 
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Enterprise  Applications 


'Net  insider  .  Scott  Bradner 


TOO  BRIGHT  A  LIGHT? 


It  seems  like  there  is  a  December  the  20th  century,  predictions  for  the 
tradition  among  various  publica-  21st  century  are  starting  to  show  up. 
tions  to  issue  predictions  for  the  year  I  wonder  if  the  prophets  are  going  to 
ahead.  Now  as  we  reach  the  end  of  be  able  to  see  past  the  Internet’s  cur¬ 


rent  mindshare. 

I’m  sure  there  have  been  others, 
but  the  first  set  of  predictions  I’ve 
seen  were  just  published  in  Business 
Week.  The  cover  story  on  this  special 
issue  promised  “21  Ideas  for  the  21st 
Century.”  Eight  of  the  21  ideas  men¬ 
tioned  the  Internet  or  the  Web,  and 


Pract 
The 


Practical  answers  to 
real-life  questions 


You  know  what  VPNs  promise:  cost  savings,  business 
efficiencies  and  improved  relationships  with  your  partners. 

But  once  that's  understood,  are  you  prepared  to  deal  with 
the  technical  issues  of  planning  a  full-scale  VPN  deployment 
enterprise:wide?  Integration  issues,  scalability,  site-to-site 
viability,  security,  mission-critical  performance  and  service-level 
guarantees  are  just  a  few  questions  you  should  be  considering 


Practical  VPIM  Deployment:  The  Next  Step  is  a 

one-day  seminar  designed  to  give  you  a  clear  understanding 
of  these  technical  issues  and  how  to  meet  them  head  on. 
Seminar  director  Eric  Zines,  Senior  VPN  Analyst  withTeleChoige 
Inc.,  will  explore  the  greatest  challenges  of  VPN  deployment, 
and  provide  solutions  for  doing  so  successfully.  He'll  also  share 
the  success  stories  of  early  adopters,  including  their  trials  and 
tribulations  on  their  way  to  success. 
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6  Reasons  Not  to  Miss  This  Seminar 


1.  Understand  the  most  common  pitfalls  in  building  an 
enterprise-class  VPN,  and  learn  to  avoid  them. 


2,  Learn  how  others  are  growing  their  VPN  pilots  to  support 
mission-critical  applications. 


3.  Understand  how  to  grow  your  VPN  to  match  your  performance 
requirements. 


4.  Learn  to  integrate  existing  security  measures  with  your  VPN  plans. 


5.  Understand  how  to  deploy  the  d  orent  types  of  VPNs: 
remote  access  and  site-to-  :e. 


6.  Have  your  key  questions  answered  by  the  leading  VPN  vendors  and 
service  providers. 


Learn  from  the  Leader 

Directed  by 


TeleChoicel 


Eric  Zines,  TeleChoice,  Inc. 
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KNOWLEDGE 

Print  •  Online  •  Events 


Network  World  Technical  Seminars  is  known  throughout  the  networking 
community  for  providing  IT  professionals  with  expert,  unbiased  education 
on  the  latest  technologies  and  trends  shaping  today's  mission-critica  letworks. 
This  reputation  combined  with  our  100%  satisfaction  guarantee  makes  us  the 
educator  of  choice  in  the  networking  industry. 


On-Site  Seminars 


Bring  a  customized  version  of  this  seminar  to  your  company. 
Contact  Bill  Bernardi  at  (508)  820-7506  or  bbernard@nww,com. 


1999  Seminar  Tour 


Register  Today! 


New  York,  NY  •  September  23 
Hartford,  CT  •  September  24 
Research  Triangle  Park,  NC  •  Oci 
Miami,  FL  •  October  14 
San  Francisco,  CA  •  November  3 
Irvine,  CA  •  November  4 
Chicago,  IL  •  December  8 
Detroit,  Ml  •  December  9 


S450  Registration  Fee 


For  complete  program  agenda  and 
registration  information,  contact  us  at 


October  13 


Take  advantage  of  our  Team  Discounts 

2  registrants — $400  each 

3  registrants — $350  each 
Every  4th  registration  is  FREE 


(800)643-4668 

www.nwfusion.com/seminars 
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If  you  are  interested  in  sponsorship  opportunities,  please  contact  Andrea  D'Amato  at  (508)  820-7520  or  adamato@nww.com 


three  others  seemed  related. 

One  of  the  most  effective  ways 
to  hide  is  to  stand  just  to  the  side 
of  a  very  bright  light.  The  light 
overloads  the  observer’s  senses  and 
makes  it  almost  impossible  to  see 
beyond  the  light.  Countless  B-grade 
cops  and  gangsters  movies  of  days 
gone  by  relied  on  the  concept,  as 
did  the  original  version  of  “The 
Thomas  Crown  Affair,”  a  movie  worth 
renting. 

The  Internet  seems  to  be  acting  like 
a  too-bright  light  shining  into  the  eyes 
of  many  would-be  prophets.  They  are 
finding  it  very  hard  to  put  the  ’Net  in 
its  proper  place  and  gage  its  future 
impact. 

Clearly,  the  Internet  is  and  will  con¬ 
tinue  to  be  a  facilitator  of  change.  But 
the  ’Net  is  only  the  latest  in  a  long 
series  of  facilitators  that  may  be  doing 
basically  the  same  thing:  improving 
the  ability  of  individuals  to  communi¬ 
cate  with  a  minimum  of  intermedi¬ 
aries. 

This  sort  of  change  has  been  going 
on  since  the  Protestant  Reformation 
with  each  generation  of  technology 
from  the  printing  press,  to  the  tele¬ 
graph,  to  the  telephone  and  now  the 
Internet.  Each  generation  of  technol¬ 
ogy  has  increased  the  efficiency  of 
communications  and  made  it  easier 
for  individuals  to  participate  in  such 
communications. 

But  in  the  case  of  the  Internet,  too 
many  people  seem  to  confuse  the 
facilitator  of  change  with  change 
itself.  They  forget  about  the  technolo¬ 
gies  that  came  before. 

Victor  Hugo  called  the  printing 
press  “the  parent  revolution.”  That  is, 
the  revolution  from  which  other  revo¬ 
lutions  are  born.  The  same  thing  could 
have  been  said,  and  probably  was  in 
one  way  or  another,  about  all  other 
communications  technologies  since 
then. 

I  fully  expect  some  other  communi¬ 
cations  technology  to  come  along  to 
continue  this  trend  —  direct  mind 
projection,  perhaps. 

It’s  hard  to  see  what  is  happening 
in  a  world  of  improved  communica¬ 
tions  without  focusing  on  the  tech¬ 
nology.  The  ’Net  won’t  do  everything. 
It  will  not  cure  baldness  —  though  it 
would  be  nice  if  something  did.  But 
the  improving  ability  to  communicate 
will  continue  to  have  profound 
impacts.  If  only  we  could  more  easily 
see  past  the  neat  toy  of  the  moment 
and  understand  what  those  impacts 
might  be. 

Disclaimer:  Harvard  mostly  avoids 
the  deer-in-the-headlights  reaction  to 
bright  lights,  but  the  above  observa¬ 
tion  is  mine. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@harvard.edu. 
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It's  ironic,  but  you  can  monitor  and 


Network  —  except  the  bandwidth  that 


MAKES  IT  WORK 


Until  now,  tracking  the  details  of  WAN 

USAGE  WAS  VIRTUALLY  IMPOSSIBLE.  THE 


■ 
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BANDWIDTH  AT  THEM 


ServicePoint, 


A  NEW  TECHNOLOGY  THAT 


GOES  BEYOND  DSU/CSUS  TO  ANSWER 


QUESTIONS  ABOUT  WAN  PERFORMANCE 


AND  BANDWIDTH  USAGE  THAT  OTHER 


Find  out  how  you  can  terminate 


MONITOR  AND  TAKE  ACTIVE  CONTROL 


OF  EXPLODING  WAN  BANDWIDTH 


costs.  Call  or  visit  our  Website 


YOU  NEED 


ADC  T  elecommunications 


information  call  (800)  232-5879  or  visit  www.kentrox.com/servicepoint 

Free  Product  info  enter  NWInfoXpress  #48  online  @  www.networkworld.com/infoxpress 


For  more 


YOU  MAKE  EACH  ONE  FEEL 
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LIKE  ONE  IN  A  MILLION? 


MILLION  SATISFIED  CUSTOMERS 


XEROX 


Free  Product  info  enter  NWInfoXpress  #57  online  www.networkworld.com/infoxpreis^ 
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Enterprise  Applications  Special  Focus 


The  good, 

the  ugly 


the  bad  and 
of  p' cards 


BY  ELLEN  MESSMER 

In  order  to  better  control  spending  and  do  away 
with  the  paper-based  authorization  process, 
corporations  are  giving  their  employees  special¬ 
ized  procurement  cards  from  American  Express, 
MasterCard  or  Visa. 

These  “p-cards,”  which  are  expected  to 
become  increasingly  popular  for  business-to-busi- 
ness  electronic  commerce,  don’t  provide  a  line  of 
credit  like  credit  cards.  Their  advantage  is  that  the 
three  card  companies  can  tightly  control  — 
through  widespread  data-processing  networks  — 
how  each  p-card  is  used,  right  down  to  the  specific 
merchant  dealt  with,  the  kind  of  item  purchased 
and  the  amount  spent. 

The  disadvantage,  though,  is  that  American 
Express,  MasterCard  and  Visa  each  define  the 
p-card  data-capture  process  differently.  This  results 
in  interoperability  headaches  for  merchants  wanti¬ 
ng  to  accept  customer’s  p-cards  either  by  inputting 
the  card  numbers  into  computer  terminals  or  tak¬ 
ing  them  over  the  Web. 

“This  is  not  as  easy  as  credit  cards,”  says  Cliff 
Zonneighton,  CEO  of  the  Web-based  merchant 
transaction  service,  Internet  Commerce  Services. 
His  company  is  now  examining  the  technical  com¬ 
plexities  of  p-card  processing. 

The  three  card  associations  all  like  to  segment 
information  such  as  sales  tax,  itemization,  customer 
name  and  other  desirable  p-card  data  that  accoun¬ 
tants  crave  into  what’s  called  Level  I,  II  or  III  data. 
The  problem  is,  the  companies  don’t  do  it  the 
same  way.  So  to  capture  the  Level  III  data  that  cor¬ 
porations  want  most,  for  example,  merchants  are 
faced  with  implementing  different  software  pack¬ 
ages  for  American  Express,  MasterCard  and  Visa. 

Third-party  p-card  data  processors,  such  as 
PaymentTech  and  First  Nova,  add  more  complexity 
and  incompatibilities. 

Technology  aside,  merchants  being  asked  to 
accept  p-cards  also  have  to  pay  transaction  fees  for 
each  purchase  made  with  the  cards,  which  could 
be  5%  of  the  transaction  amount  or  more. 

“The  merchant  pays  for  everything,”  says  Scott 
Carruthers,  senior  manager  in  the  e-commerce 
practice  at  Ernst  &  Young,  noting  that  sales  vol¬ 
umes  have  to  justify  taking  p-cards. 

Steve  Herndon,  a  Bank  of  America  senior  vice 
president,  acknowledges  that  it  can  be  a  tough  sell 
getting  merchants  to  process  Level  III  data.  “It’s  too 
expensive  at  SI, 500  per  terminal,”  he  says. 

A  reason  to  love  p-cards 

One  of  the  main  reasons  corporate  bean-coun¬ 
ters  love  p-cards  is  that  American  Express, 
MasterCard  and  Visa  promise  to  deliver  detailed 
transaction  information  —  sometimes  directly  into 
companies'  back-end  enterprise  resource  planning 
systems  —  on  every  purchase. 


ELECTRONIC  COMMERCE 
Procurement  cards 
could  play  a  hey  role  in 
electronic  commerce. 


How  to  get  p-cards 

There  are  currently  three  card  associations  providing  p-cards. 

Company 
offering  p-cards 

How  to  get  them 

E-comm  software  with  p-card 
support  (actual  or  planned) 

American  Express 

Directly  from  AmEx 

Commerce  One,  Ariba,  TradeEx 

MasterCard 

24  banks 

(see  www.mastercard.com) 

Clarus,  Elcom,  EC  Cubed 

Visa  y/sa 

24  banks 

(see  www.visa.com) 

Ariba,  Commerce  One,  SAP, 
PeopleSoft 

Companies  get  a  report,  including  itemization, 
tax  information,  even  the  merchant’s  minority  sta¬ 
tus.  But  only  Level  I  data,  which  includes  informa¬ 
tion  such  as  the  merchant’s  name  and  the  transac¬ 
tion  amount,  matches  up  with  what’s  captured  in 
any  credit  card  transaction  today. 

The  new-generation  of  “Enhanced  POS  Terminal 
PC  software  from  Verifone  and  Hyperion  will  cap¬ 
ture  Level  II  data,  such  as  customer  ID  and  tax 
amount,  according  to  Red  Gillen,  director  of  the 
commercial  card  products  group  at  Visa. 

But  it  is  still  a  challenge  to  cap¬ 
ture  the  itemized  detail  for  a  p-card 
user’s  Level  III  transaction  and  have 
it  end  up  in  an  aggregated  financial 
statement  after  crossing  multiple 
data  networks.  MasterCard’s  Steve 
Abrams  says  that  less  than  5%  of 
p-card  transactions  are  captured  as 
Level  III  data. 


The  AmEx  advantage? 

American  Express  claims  it  has 
the  p-card  advantage  because  the 
company  maintains  end-to-end  con¬ 
trol  of  its  global  network  without 
having  to  process  any  card  informa¬ 
tion  through  bank  networks  or 
third-party  data  processors.  In  contrast,  MasterCard 
and  Visa  p-cards  are  issued  to  the  customer  by 
about  two  dozen  banks  that  belong  to  these  two 
card  associations. 

“We  don’t  use  third-party  processors,  and  we 
think  that’s  a  big  advantage,”  says  Nancy  Grim,  an 


MasterCard's  Steve  Abrams 
says  companies  aren't  pushing 
the  limits  with  p-cards  yet. 


American  Express  vice  president.  She  reports  that 
about  1 ,000  corporations,  mostly  large  ones,  use 
the  American  Express  p-card  and  50,000  merchants 
accept  it. 

Grim  claims  that  American  Express  p-cards  can 
restrict  buying  to  specific  merchants,  whereas 
her  competitors  only  restrict  based  on  types  of 
businesses. 

Visa’s  Gillen  concedes  this  is  the  case,  but  coun¬ 
ters  that  a  bank’s  direct  p-card  relationship  with  a 
customer  offers  its  own  advantages,  such  as  cash 
management  services.  “The 
bank  knows  the  overarching 
needs  of  the  corporation,” 
Gillen  says. 

Nonetheless,  Visa  and 
MasterCard  seem  oddly  isolat¬ 
ed  from  the  p-card  action, 
unable  to  say  exactly  how 
many  corporations  or  mer¬ 
chants  are  in  the  p-card  loop. 
They  do  know  about  p-card 
volumes,  although  they  won’t 
divulge  the  numbers. 

With  Web-based  purchasing 
on  the  rise,  American  Express, 
Visa  and  MasterCard  are  rushing  to  build  partner¬ 
ships  with  software  vendors  to  get  them  to  sup¬ 
port  p-cards  in  their  code. 

American  Express  has  cut  deals  with  Commerce 
One,Ariba,TradeEx,  Concourse  and  other  com¬ 
panies  so  their  software  will  transfer  p-card  data 
over  the  Internet  into  the  American  Express  net¬ 
work. 

Visa  is  working  with  Ariba,  whose  software  it 
uses  internally  for  online  procurement,  as  well 
as  Commerce  One,  SAP  and  PeopleSoft.  Master- 
Card  got  Clarus,  which  it  uses 
in-house,  to  add  MasterCard  p-card 
support  with  help  from  Micro¬ 
soft.  MasterCard  is  also  in  similar 
deals  with  Elcom  International 
and  EC  Cubed. 

Despite  the  challenges,  p-card 
use  is  on  the  rise. The  General 
Services  Administration  (GSA)  last 
year  awarded  the  federal  govern¬ 
ment’s  mammoth  “SmartPay” 
p-card  contract  to  Citibank, 

First  Chicago,  Bank  of  America, 
Mellon  Bank,  US  Bank,  Visa  and 
MasterCard. 

So  far,  the  GSA  is  pleased  with 
its  p-card  system.  “We  can  docu¬ 
ment  savings  of  $54  per  transaction,”  says  Nancy 
Goode,  GSA’s  director  of  the  services  acquisition 
center. 

Despite  the  challenges  of  getting  merchants  to 
adopt  p-cards,  endorsements  such  as  this  should  give 
p-cards  the  momentum  they  need  to  succeed.  3 
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Nortel  Networks’"  introduces  the  Internet  Communications  Architecture  (Inca™)  Portfolio.  Finally,  you  can  bring  voice  and 
data  networks  together  into  one  fluid  operation  without  starting  all  over.  With  the  Inca  portfolio  of  products,  you  can  now  combine 
your  existing  networks  into  one  Unified  Network  without  losing  reliability  or  walking  away  from  your  existing  network 
investment.  That’s  because  Inca  is  an  IP  architecture  based  on  open  standards.  So  whatever  you  need -from  the  Inca  Mi  that 
integrates  telephony  applications  onto  existing  IP  networks  to  the  Inca  Mio  which  provides  the  foundation  for  a  seamless  converged 
Internet  telephony  network  from  scratch  -  Nortel  Networks  has  the  answer.  To  learn  more  information,  visit  www.nortelnetworks.com/16JU 


N&RTEL 

NETWORKS 

How  the  world  shares  ideas. 


Nortel  Networks,  Unified  Networks,  Inca,  the  Nortel  Networks  logo,  the  Clobemark  and  "How  the  world  shares  ideas."  are  trademarks  of  Nortel  Networks.  ©1999  Nortel  Networks.  All  rights  reserved. 

Free  Product  info  enter  NWInfoXpress  #54  online  @  www.networkworld.com/infoxpress 
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EVER  HAVE 


CONTROL 


WEBSWITCHING 

TECHNICAL  SEMINARS 

REGISTER  TODAY  AT  WWW.ALTEON.COM/WEBSWITCHING 


IS. 


Run  fast,  grow  like  crazy  and  never  lose  control. 

This  is  the  model  for  most  companies  doing  business  on  the  Web 
today.  Well,  except  the  control  part.  Everyday  another  online 
outage  makes  headlines.  So  how  do  you  stay  out  of  the  news?  The 
companies  below  know.  Webworking  from  Alteon  WebSystems. 

Finally  Web-intelligent  networking  (Webworking) 

Webworking  combines  Web-intelligent  traffic  control  services  with 
ultra-fast  Ethernet  switching. 

Add  or  remove  severs  to  scale  capacity — while  sites  stay  up.  Control 
and  prioritize  bandwidth  between 
different  sites,  applications  or  users. 

Get  all  the  power  and  control  you 
ever  wanted  with  our  Web  data 
center  switches  and  Web  OS 
software.  Local  and  global 
sever  load  balancing, 
content-aware  switching, 

bandwidth  management.  All  at  line  rates.  All  in  one  box. 

Alteon  WebSystems.  We  obliterate  Web  wait 

To  learn  more  about  Alteon's  Webworking 
solutions  and  register  to  win  a  new  Sega 
Dreamcast  game  system,  visit  us  at 

www.alteon.com/webtruth3b 


Alteon  700  Series  Web  data  center 
switches  are  the  only  way  to  keep  your 
data  moving  at  full  Web  speed. 


Make  the  switch,  and  you  ’ll  be  in  fast  company.  Just  a  few 
e-Businesses  who  have  switched  to  Alteon  WebSystems. 


©1999  Alteon  WebSystems.  Inc.  All  rights  reserved. 
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Ask 


Dr  Intranet 


By  Steve 
Blass 

In  a  recent 
column,  I  was 
asked:  "Why  am  I 
receiving  ex¬ 
cessive  broadcast 
storms  when  span¬ 
ning  a  virtual  LAN 
attached  to  a  Cisco  Catalyst 
5500  switch?"  (NW,  Aug.  9, 
page  35,  or  www.nwfusion. 
com,  DocFinder:  4329).  My 
answer  prompted  Mark 
Detrick,  quality  assurance 
engineer  with  Cisco,  to  write 
with  more  information. 

He  explains:  Spanning  Tree 
Protocol  (STP),  the  IEEE  802.1  D 
bridge  protocol,  is  used  on  all 
Ethernet,  Fast  Ethernet,  Gigabit 
Ethernet  and  token-ring  port- 
based  virtual  LANs.  The  STP 
calculation  requires  that 
bridges  communicate  with 
other  networked  bridges  run¬ 
ning  STP.  Each  bridge  is 
responsible  for  sending  and 
receiving  configuration  mes¬ 
sages  called  bridge  protocol 
data  units  (BPDU).  Switches 
transmit  BPDUs  from  every  port 
every  few  seconds. 

But  the  Catalyst  5500  sends 
all  BPDUs  at  about  the  same 
time.  The  conglomeration  of  all 
these  ports  sending  BPDUs  is 
replicated  from  the  SPAN  port 
the  sniffer  is  monitoring.  From 
the  sniffer's  perspective,  the 
process  will  appear  as  fre¬ 
quently  occurring  broadcast 
storms.  An  end  host  only  sees 
the  BPDU  sent  from  its  port, 
which  is  why  users  don't  have 
problems. 

For  a  more  accurate  view  of 
broadcast  traffic,  the  net 
administrator  needs  to  filter 
BPDUs  from  the  sniffer  trace 
and  understand  that  one  BPDU 
is  being  sent  from  each  port. 

Blass  is  a  network  archi¬ 
tect  at  Sprint  Paranet  in 
Houston.  You  can  reach 
him  at  drintranet@ 
paranet. 


An  Inside  Look  at  the  Technologies 
and  Standards  Shaping  Your  IMetwork 


Breaking  through  the  1/0  bottleneck 


BY  BRIAN  SMITH 

Fast  and  reliable  access  to  data  is 
an  absolute  necessity  in  corpo¬ 
rate  network  environments,  so 
there  is  mounting  pressure  to  replace  the 
outdated  parallel  I/O  systems  with  more 
capable  connecting  architectures. 

Fortunately,  a  new  generation  of  serial 
I/O  technology  has  emerged  to  meet  the 
demand  for  faster,  more  efficient  data 
interconnectivity.  By  examining  this  new 
generation  of  serial  I/O  technologies,  we 
can  gain  a  clearer  understanding  of  how 
computers  of  tomorrow  will  access  and 
transport  data. 

Processing  power  continues  to 
expand  dramatically,  driven  by  MHz-to- 
GHz  increases  in  clock  frequency  and 
ever-smaller  silicon.  Data  width  has  also 


ularly  acute  in  corporate  information 
centers  and  other  data-intensive  applica¬ 
tions  such  as  CAD,  animation,  multimedia 
presentation  and  post-production  work. 

Data-heavy  applications  need  a  very 
high-speed,  low-pin-count  interconnec¬ 
tion  into  the  processor  and  system  mem¬ 
ory.  This  simpler,  cleaner  approach 
would  eliminate  the  large  number  of 
internal  system  interconnects  needed  to 
support  previous-generation  parallel 
connections.  This  new  interconnect 
strategy  would  also  reduce  the  required 
board  space  and  power  consumption, 
lower  latency,  and  increase  the  speed 
and  number  of  devices  that  could  be 
connected  to  the  system.  It  also  would 
support  far  more  scalable,  reliable  and 
affordable  computing  architectures. 

Serial  I/O  essentially  takes  the  data 


wave  division  multiplexing);  disk  stor¬ 
age;  and  tape  or  optical  devices  using 
SCSI  and  Fibre  Channel. 

By  adopting  a  serial  approach,  pin 
counts  in  modern  processor  complexes 
can  be  reduced  by  a  factor  of  two  or 
more.  Serial  I/O  will  also  increase  data 
throughput  beyond  today’s  highest-per¬ 
forming  64-bit,  66-MHz  parallel  buses. 

The  basic  connectivity  of  current- 
generation  parallel  buses  is  very  limited, 
and  as  connectivity  is  added,  latency  is 
increased  and  performance  is  reduced 
dramatically.  Serial  I/Os  will  offer  signif¬ 
icantly  improved  connectivity.  With  ser¬ 
ial  I/O  streams  flowing  out  of  the  serv¬ 
er  through  an  I/O  router,  fan-out  can 
be  provided  to  an  infinite  number  of 
I/O  devices  with  lower  overhead  and 
higher  performance. 


UP  CLOSE 

Comparing  serial  I/O  to  PCI 

Serial  I/O  takes  data 
bits  handled  by  today's 
I/O  buses,  such  as  PCI, 
and  converts  them  into 
a  fast,  packetized, 
serial  stream  of  data. 

This  stream  travels  bi¬ 
directionally  into  the 
processor  complex  and 
out  to  communication 
and  storage  devices. 


Limitations  of  PCI 


CPU 


I 


©CPU  may  slow 
to  PCI  speed  to 
move  data. 


Internal  data  bus 

— r 


Memory 


CTRL 


©Throughput  is 
limited  by  CPU 
data  transfer 


©I/O  operations 
require 
multiple  bus 
transactions 
and  CPU 
involvement. 


66-MHz  PCI  bus 


across  66-MHz  PCI  bus. 


Advantages  of  Serial  I/O 


©  CPU  sends  messages, 
not  data,  as  host 
channel  adapter 
(HCA)  facilitates 
transfer  of  data 
from  memory. 


©  HCA  operates 
on  same  bus 
and  at  same 
speed  as  CPU 
and  memory. 


Internal  data  bus 

~r 


Memory 


CTRL 


Host 

channel 

adapter 


©  Unlike  PCI,  HCA  tracks  valid  addresses  and 
prevents  invalid  addresses  from  entering  the 
internal  bus,  which  can  hang  the  bus. 


grown  steadily  to  current  64-bit  capabil¬ 
ities. 

Expanded  data  widths  naturally 
require  more  data  and  control  pins  to 
handle  the  increased  flow  of  informa¬ 
tion  coming  out  of  the  processor  com¬ 
plex.  At  the  same  time,  faster  processor 
and  memory  access  speeds  have  pushed 
system  buses  to  the  extremes  of  their 
engineered  limits.  To  meet  these  high¬ 
speed,  high-volume  I/O  requirements, 
developers  have  created  server  architec¬ 
tures  that  depend  on  complex  systems 
of  multiple,  bridged  parallel  buses. 

Considering  the  exponentially  higher 
pin  counts  needed  to  keep  I/O  and  com¬ 
puting  processes  in  sync,  the  traditional 
parallel  approach  causes  more  problems 
than  it  solves.  This  I/O  problem  is  partic- 


and  address  bits  handled  by  current- 
generation  I/O  buses  (PCI,  for  example) 
and  squeezes  them  into  a  very  fast, 
packetized,  serial  stream  of  data.  This 
stream  runs  bidirectionally  into  the 
processor  complex  and  out  to  various 
communication  and  storage  devices.  By 
adopting  this  serial  I/O  strategy  —  and 
thus  moving  I/O  architectures  inside 
the  server  to  the  processor  complex 
itself  —  the  computing  systems  of 
tomorrow  will  be  able  to  access  more 
gigabytes  per  MIP  of  processing. 

This  new  generation  of  “I/O  routers” 
will  soon  be  used  to  provide  fast,  reliable 
and  highly  affordable  connectivity  for 
LANs  (such  as  Ethernet,  Fast  Ethernet, 
Gigabit  Ethernet  and  FDDD;WANs  (such 
as  frame  relay, T-l,T-3,  ATM,  SONET  and 


By  physically  de-coupling  processors 
and  the  I/O  fan-out  in  an  I/O  router, 
system  developers  can  build  more 
modular,  flexible  “pay  as  you  grow” 
server,  communication  and  storage 
products.  Hot-swappable  I/Os  that  are 
physically  and  electronically  separate 
from  the  primary  computing  engine 
will  support  faster  and  more  powerful 
computing  systems.  Serial  I/O  systems 
will  allow  the  use  of  higher-density 
server  clusters  that  are  easier  to  build, 
configure  and  maintain. 

Smith  is  chairman  and  CEO  of 
Crossroads  Systems,  a  maker  of  Fibre 
Channel  storage  routers  in  Austin, 
Texas.  He  can  be  contacted  through 
sbelsel  @crossroads.  com. 
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Technology  Update 


Gearhead  —  inside  the  network  machine  .  Mark  Gibbs 

Solving  a  problem:  Searching  surfed  sites 


A  problem  that  confronts  all 
heavy  users  of  the  Web  is 
keeping  track  of  what  we  find. 
Bookmarks  are  OK,  but  questions  such 
as:  “Where  did  I  see  something  on 
goldfish  and  recessive  coloration  three 
weeks  ago?”  are  usually  next  to  impos¬ 
sible  to  answ  er.  Sure,  you  can  try  your 
browser  s  history  list,  but  unless  you 
have  some  idea  of  the  site  name, 
you’re  going  to  wind  up  scouting  the 
search  engines. 

There's  also  the  problem  of  what 
to  do  with  collected  information. 
Gearhead  is  in  the  process  of  starting 
a  company,  and  the  various  partners 
involved  are  collecting  intelligence 
from  the  Web. 

At  a  rate  of  about  eight  to  10  URLs 
per  day,  we’ve  collected  an  ungodly 
number  of  references  (around  800). 
The  problem  we  face  is  organizing 
and  searching  the  mass  of  Web  data  so 
we  can  marshal  the  facts  about  our 
competition.  If  we  were  to  save  the 
page  contents  using,  for  example, 
Internet  Explorer’s  “Save  as  .  .  .”  func¬ 
tion,  the  mass  of  files  would  become 
unsearchable  and  ultimately  unwork¬ 
able.  It’s  a  big  problem. 

Gearhead  has  found  an  answer. 


AskSam  Systems  of  Perry,  Fla.,  offers  a 
product  called  SurfSaver  that  could  be 
thought  of  as  a  filing  cabinet  for  Web 
pages.  You  can  test-drive  a  copy  for 
free  for  30  days,  and  purchasing  a 
copy  will  only  set  you  back  $29  95. 

SurfSaver  is  a  less  than  4M-byte 
download  from  www.surfsaver.com 
and  takes  about  4  minutes  to  install.  It 
supports  Internet  Explorer  Version  4.0 
and  later  and  Netscape  Navigator 
Version  4.0  and  later. 

The  product  is  derived  from 
AskSam ’s  many  years  of  experience 
with  its  own  free-form  database  called 
AskSam.  The  underlying  technology 
offers  powerful  searching  capabilities 
that  make  looking  for  goldfish  about 
as  simple  as  it  gets. 

In  operation,  SurfSaver  functions 


are  available  on  the  right  mouse  click 
menu  of  Internet  Explorer.  Under 
Navigator,  the  same  functions  are  avail¬ 
able  under  bookmarks. 

The  most  useful  function  allows  you 
to  save  a  Web  page.  Selecting  this  leads 
you  to  a  dialog  box  where  you  can 
specify  various  attributes  regarding  the 
saved  information,  including  folder, 
inclusion  or  exclusion  of  embedded 
graphics,  keywords  and  notes. 

There’s  also  a  quick  save  function 
that  saves  the  current  page  into  the  last 
folder  you  saved  into.  A  search  facility 
opens  a  browser  window  split  into 
two  panes:  The  upper  pane  is  where 
you  can  access  the  product  documen¬ 
tation  and  FAQs,  register  your  installa¬ 
tion,  and  send  AskSam  feedback. 

The  lower  pane  is  the  search  results 
window,  and  clicking  on  the  “find”  but¬ 
ton  allows  searching  by  any  attribute, 
including  date  ranges.  Found  items 
can  be  edited  to  change  the  title,  key¬ 
words  and  notes.  The  edit  pane  also 
allows  you  to  go  to  the  page  online 
(useful  if  you  want  to  check  for 
changes),  as  well  as  delete  the  page, 
save  it  under  a  different  name,  copy 
the  page  or  move  it. 

If  you  right  click  on  the  title  of  a 


saved  page,  the  lower  pane  allows  you 
to  do  all  of  the  above  operations  as 
well  as  export  the  page  with  all  for¬ 
mats,  frames  and  graphics  as  they 
were  in  the  original,  despite  being 
stored  inAskSam’s  database  system. 

Actually,  the  upper  pane  and  its 
logos  takes  up  far  too  much  screen 
real  estate  so  Gearhead  went  a 
huntin’.  Sure  enough,  the  answer  is  to 
modify  the  AskSam  HTML  files  that 
make  up  the  browser  search  window. 
These  files  are  in  the  AskSam  subdi¬ 
rectory  and  a  little  judicious  work 
with  an  HTML  editor  allowed 
Gearhead  to  reorganize  the  top  screen 
to  be  more  aesthetically  pleasing  and  a 
lot  smaller. 

SurfSaver  saves  most  pages  per¬ 
fectly,  but  there  are  exceptions,  such 
as  sites  with  extensive  JavaScript  and 
exotic  media  use  (such  as  Flash 
Graphics). 

Overall,  SurfSaver  is  an  excellent 
product  with  a  good  pedigree  and,  at 
the  price,  a  bargain.  It’s  highly  recom¬ 
mended,  and  the  recipient  of  nine 
Gearhead  teeth  out  of  10. 

Save  your  comments  to 
gh@gibbs.com. 


,  the  Career 
Doctor  outlined  what  ques¬ 
tions  are  legal  and  illegal  dur¬ 
ing  a  job  interview.  He  hit  a 
nerve  with  his  comment  that 
asking  whether  someone  is  a 
smoker  is  out  of  bounds. 
Smokers  and  nonsmokers 
chimed  in  with  responses. 

“I  have  asthma.  I  don’t 
need  to  ask  if  a  candidate 
smokes.  I  need  only  spend 
about  5  minutes  with  the 
candidate,  and  my  lungs  will 


tips  and 
tools  from  our 
Web  site 


tell  me  whether  he  smokes 
or  not,”  one  reader  says. 

Meanwhile,  the  smokers 
argue  that  an  employer  can 
merely  state  his  policy  about 
smoking  —  for  instance,  no 
smoking  indoors  —  at  the 
interview  and  avoid  the 
question  altogether.  He  adds: 
“And  about  harm  to  my 
health  .  .  .  Sitting  in  front  of 
monitor  for  eight  to  10 
hours  a  day  damages  our 
health  too,  right?” 

Find  out  how  Career  Doctor 
Shaun  Kelly  responded,  then 


give  your  own  thoughts. 

DocFinder:  4330 

On  Cisco/KPMG 

Readers  are  up  in  arms 
about  Cisco  investing  more 
than  $  1  billion  in  KPMG,  a  net¬ 
work  consulting  firm. 

One  reader  writes:  “Yes, 
Cisco  may  have  secured  the 
market  with  their  very  rep¬ 
utable  routers,  but  they  have  a 
very  low  customer  satisfaction 
interest  in  their  agenda.  I  call  it 
‘monopolistic  arrogance’  in  its 
worst  case.” 

Others  say  Cisco’s  decision 
was  borne  from  Lucent’s  buy¬ 
out  of  INS.  “I  see  this  as  a  stab 
at  Lucent  for  purchasing  INS, 
which  is  probably  where  the 
consultants  are  coming  from,” 
another  reader  writes.  “There 
are  only  a  few  shops  left  that 
are  capable  of  selling  and 
implementing  Cisco  without 
being  Cisco-ized.  KPMG 
should  rename  its  Cisco  arm 
for  clarification  from  its 
accounting  arm.” 


What  do  you  think:  Is  this 
partnership  good  or  bad  for 
KPMG  customers? 

DocFinder:  4242 

Digging  into  DSL 

Want  all  your  digital  sub¬ 
scriber  line  information  in 
one  place?  Want  to  be  kept  up 
to  date  on  the  latest  changes 
in  the  DSL  market?  Want  to 
find  out  about  rate  changes 
and  technology  advances  at 
the  click  of  a  mouse  button? 
This  week,  we’re  rolling  out 
our  DSLAlert  area  to  keep  you 
apprised  of  all  the  hot  DSL 
news  and  views  from  around 
the  country.  We’ll  also  have 
primers,  links  to  DSL  re¬ 
sources  and  an  archive  of  all 
our  DSL  coverage.  This  is  one 
page  you’ll  definitely  want  to 
bookmark. 

DocFinder:  433 1 

Help  Desk 


Ron  Nutter  addresses  a 
newcomer’s  virus  concerns. 
The  network  administrator 


says  he  is  worried  about  the 
latest  strain  of  viruses,  includ¬ 
ing  Melissa,  and  wants  to 
know  what  he  can  do.  “My 
concern  is  that  I  seem  to 
have  inherited  a  patchwork 
solution  —  the  workstations 
are  using  two  different  anti¬ 
virus  products,  and  the 
servers  either  have  or  don’t 
have  antivirus  protection 
installed.  Is  there  any  one 
package  that  will  help  pro¬ 
tect  us?”  Find  out  what 
Nutter  recommends  in  this 
week’s  Help  Desk. 

DocFinder:  4332 


Ron  Nutter  is  standing  by 
to  answer  your  network 
questions.  Read  his  col- 
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Editorial  Insights 

Policy-based  networks: 
Easier  said  than  done 

II  you  listen  to  vendors  and  analysts,  the 
Next  Big  Thing  is  convergence,  that  magi¬ 
cal,  mystical  merging  of  voice,  data  and 
video  onto  one  high-speed  IP-based  net. 

In  theory,  it  sounds  great.  You  reduce  the 
complexity  of  your  network,  you  save  money 
by  running  voice  over  IP  and 
you  get  to  introduce  spifty 
new  video  applications. 

But  the  devil  is  in  the  de¬ 
tails,  and  if  you  take  a  hard 
look  at  what’s  entailed  in  im¬ 
plementing  IP-based  quality  of 
service  (QoS)  through  policy- 
based  networking,  your  head 
may  start  to  spin  like  Linda 
Blair’s  in  “The  Exorcist.” 

For  starters,  a  typical  policy- 
based  network  includes  a 
policy  console,  a  Lightweight  Directory  Access 
Protocol-based  policy  repository,  a  policy  server 
and  a  policy  enforcement  point  (PEP).The 
policy  server  talks  to  the  PEP  through  a  new 
protocol  called  Common  Open  Policy  Service. 
And,  of  course,  you  need  a  policy  server,  policy 
repository  and  PEP  at  each  remote  office. 

Once  you’ve  got  all  that  set  up,  you  need 
policies.  Policies  are  business  objects  translated 
into  sets  of  rules  that  are  represented  as  data 
structures,  following  the  Policy  Framework 
Core  Information  Model.  Hey,  no  problem. 

And  once  you’ve  got  all  that  sorted  out,  you 
have  to  implement  draff  QoS  standards  such  as 
Differentiated  Services  (Diff-Serv),  Resource 
Reservation  Protocol  and  802.  Ip.  Under  the 
Diff-Serv  model,  it’s  up  to  the  network  manager 
to  configure  algorithms  on  an  interface-to-inter- 
face  basis  so  all  packets  are  classified,  marked, 
policed  and  shaped.That’s  where  you  get  to 
choose  between  algorithms  such  as  weighted 
fair  queuing,  class-based  queuing  or  the  ever- 
popular  class-based  weighted  fair  queuing. 

How  many  network  managers  will  it  take  to 
set  this  up?  How  many  will  it  take  to  monitor 
these  systems,  create  access  control  lists,  set 
algorithms  and  policies,  and  change  policies? 

And  that’s  just  the  technical  part  of  it.  Let’s 
talk  politics.  Who  decides  whether  an  SAP  user 
is  more  important  than  an  IP  phone  user? 
Which  traffic  gets  higher  priority,  video  of  the 
monthly  sales  meeting  or  the  CEO’s  e-mail?  And 
who  breaks  the  news  to  the  CEO? 

Convergence  may  eventually  provide  real 
business  benefits,  but  at  this  point  I  wouldn’t  bet 
my  network  on  immature  products,  imtested 
protocols  and  evolving  standards.  Especially  in  a 
marketplace  in  which  prices  for  traditional  voice 
traffic  and  WAN  bandwidth  are  falling. 

—  Neal  Weinberg 
Features  editor 
n  u  mnberg@nww.  com 
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Bureaucratic  insights 

I  enjoyed  your  feature  “Botched  by  bureau¬ 
cracy,”  about  the  Department  of  Defense’s 
efforts  to  improve  the  security  of  its  nonclassi- 
fied  networks  (Aug.  2,  page  1). 

Until  recently,  I  was  the  chief  for  the  Army 
U.S.  Regional  Computer  Emergency  Response 
Team  (CERT).  For  five  years,  we  have  been 
building  toward  getting  CERT  operational.  We 
now  have  regional  CERTs  in  Europe,  the  U.S.  and 
the  Pacific. They  are  integrated  with  our  major  net¬ 
work  and  systems  management  centers,  and  are  an 
active  part  of  our  day-to-day  operations. 

Just  like  our  counterparts  in  the  Air  Force  and 
Navy,  we  have  built  security  into  our  programs  and 
made  local  commanders  accountable  for  then- 
actions,  despite  the  paper  shuffling  and  pontifica- 
tion  going  on  inside  the  beltway.  We  down  at  the 
unit  levels  would  just  love  to  get  some  of  those 
beltway  dollars,  but  seldom  do  they  make  it  down 
to  this  level. 

Five  years  ago,  nobody  understood  or  wanted  to 
fund  information  operations  security.  It  has  taken 
many  pushes  from  the  bottom  up  —  and  some  for¬ 
ward-thinking  commanders  —  to  pull  resources  to 
help  us  get  started.  It  has  been  fun,  but  brutal  for 
those  of  us  in  the  trenches  who  have  to  do  the  day- 
to-day,  hands-on  work. 

Tony  Fogle 
Computer  specialist 
Army  Signal  Command 
Fort  Huachuca,  Ariz, 

I  was  one  of  the  people  recruited  by  the 
Defensewide  Information  Systems  Security  Program 
(DISSP).Your  article’s  statements  about  the  Defense 
Information  Systems  Agency  (DISA)  raiding  DISSP 
for  money  are  true.  We  were  the  cash  cow,  and 
DISA  treated  us  like  an  unwanted  stepchild. 

In  addition,  personnel  slots  were  taken  away 
from  DISSP  and  given  to  other  pet  projects,  while 
DISSP  remained  responsible  for  providing  security 
for  those  projects.  We  had  seven  chiefs  in  three 
years,  and  those  of  us  who  worked  for  DISSP  and 
believed  in  its  mission  were  never  sure  who  our 


Send  letters  to  nwnews@nww.com  or  John 
Gallant,  editorial  director,  Network  World, 
161  Worcester  Road,  Framingham,  MA 
01 701.  Please  include  phone  number  and 
address  for  verification. 
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director  would  be,  how  much  money  was  left 
in  the  budget  and  whether  we  would  still  be 
in  existence  from  day  to  day.  I  am  glad  to  see 
someone  begin  to  uncover  DISA  mismanage¬ 
ment  and  nonsupport  of  this  critical  area. 

An  ex-DISSP  employee 
San  Antonio,  Texas 

A  VOTE  FOR  SWITCH 
TESTING 

Regarding  Kevin  Tolly’s  column  “Switch  testing 
roll  call:  On  board  or  AWOL?”  (July  26,  page  22): 

My  company  recently  made  the  decision  to  go 
with  a  Cisco  switch  rather  than  one  from  3Com. 
Tests  like  the  one  Tolly  is  trying  to  perform  are  very 
important  to  us  in  making  decisions;  otherwise,  all 
we  have  to  rely  on  is  vendor  hype.  Valid  testing 
from  independent  firms  like  Tolly’s  is  very  useful 
for  determining  which  vendors  to  consider  and 
which  products  stand  up  to  testing. 

Gary  Werling 
Senior  network  analyst 
The  Andersons,  Inc. 

Maumee,  Ohio 

Not  sold  on  this 

Your  news  brief  “There’s  still  time  to  dust  off  the 
resume”  (July  26,  page  8)  states:  “The  IT  job  market 
continues  to  belong  to  the  sellers.” 

The  writer  does  not  understand  how  markets 
operate.  In  any  market,  it’s  up  to  the  seller  to  con¬ 
vince  the  potential  buyer  that  it’s  in  his  interest  to 
trade  his  money  for  the  seller’s  products  or  services. 
The  seller  has  a  product  or  service  that  he  needs  to 
sell.The  potential  buyer  is  not  under  any  obligation 
to  buy  anything.  This  is  as  true  in  the  IT  labor  market 
as  in  the  market  for  any  other  product  or  service. 

It  takes  a  lot  of  work  to  get  a  job  offer,  just  as  it 
takes  a  lot  of  work  to  sell  any  product  or  service.  In 
comparison,  it’s  very  easy  to  buy  something. There 
are  always  plenty  of  sellers  who  are  willing  to  take 
your  money,  as  long  as  you’re  willing  to  pay  the 
market  price. 

Seth  Allen 
Alexandria,  Va. 
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Totally  Unplugged  .  Ira  Brodsky 

IT  MANAGERS,  THIS  IS  YOUR  WIRELESS  DATA  WAKE-UP  CALL 


We  have  seen  a  number  of  exciting  wireless 
data  developments  over  the  past  year. 
BellSouth  Wireless  Data  has  teamed  with 
Fidelity  Investments  to  offer  wireless  stock 
trading.  Low-cost  wireless  LANs  have  been 
developed  for  the  home  and  small  office. 
WinStar,  Teligent  and  Advanced  Radio  Telecom  are 
selling  high-speed  wireless  services  as  an  alternative 
to  laying  fiber. 

But  the  recent  announcement  from  Sprint  PCS 
should  prove  the  turning  point  for  wireless  data. 

Late  next  month,  Sprint  PCS  will  roll  out  wireless 
data  service  nationwide. This  is  not  another  trial  or 
limited  deployment.  Service  will  be  available  coast- 
to-coast  over  Sprint  PCS’  massive  network  of  more 
than  11,000  base  stations. That’s  roughly  five  times 
as  many  base  stations  as  the  two  competing  nation¬ 
wide  wireless  data  services,  BellSouth  Wireless  Data 
and  ARDIS,  have  combined. 

Unlike  other  wireless  data  services,  this  one  will 
not  require  special  radio  modems  or  handsets.  It  will 
work  with  most  Sprint  PCS  phones,  including  models 


from  Motorola,  Nokia,  Qualcomm  and 
Samsung.  Thus,  from  now  on  virtually 
everyone  who  signs  up  for  Sprint  PCS’ 
wireless  telephone  service  will  have  a 
data-capable  phone. 

Sprint  PCS  will  offer  a  variety  of 
wireless  data  services.  A  “push”  service 
will  deliver  news,  stock  prices  and 
other  time-critical  information  directly  to  handsets’  dis¬ 
plays.  Circuit-switched  data  service  will  let  users  who 
purchase  the  data  connectivity  kit  access  the  Internet 
at  14.4K  bit/sec  from  their  notebook  PC,  personal  dig¬ 
ital  assistant  or  Windows  CE  device  using  their  exist¬ 
ing  Web  browser  or  e-mail  program.  A  third  service 
will  enable  users  who  purchase  smart  phones 
equipped  with  microbrowsers  to  access  the  Internet 
and  intranets  right  from  their  handsets. 

This  will  be  the  first  wireless  data  service  robust 
enough  to  do  pretty  much  anything  a  dial-up  modem 
can  do.  Although  it  will  run  at  just  14.4K  bit/sec,  it  will 
use  dedicated  connections  and,  consequently,  offer 
users  more  throughput  than  packet  radio  networks 


running  19. 2K  bit/sec.  And  pricing  is  flexi¬ 
ble:  users  can  either  pay  for  data  minutes  as 
they  use  them  or  buy  bundles  of  voice/data 
minutes  on  a  monthly  basis. 

Does  the  Sprint  PCS  announcement 
mean  wireless  data  will  be  an  instant  hit? 
No.  But  it  will  let  millions  of  people  try' 
wireless  data  without  first  having  to  make  a 
big  investment.  In  addition,  it  puts  pressure  on  other 
wireless  telephone  operators  to  offer  comparable 
data  services. 

Most  veteran  IT  managers  have  seen  their  share  of 
wireless  data  false  alarms.  But  they  would  be  wise 
not  to  ignore  this  announcement  because  wireless  is 
key  to  extending  electronic  commerce  to  every¬ 
where  business  is  transacted. The  applications  for 
wireless  data  have  always  been  real.  Now  there  will 
finally  be  a  real  wireless  data  service. 

Brodsky  is  president  of  Datacomm  Research  Co., 
a  consultancy  in  Chesterfield,  Mo.  He  can  be 
reached  at  ibrodsky@datacommresearch.com. 


Industry  Commentary  .  Frank  Dzubeck 

Application  service  providers:  An  old  idea  made  new 


Well,  it  had  to  happen.  With  the  advent  of  the 
application  service  provider  (ASP),  the  cycle 
of  computing  trends  has  come  full  circle.  The 
introduction  of  outsourced  Web-based  shared 
resource  business  applications  has  returned 
us  to  the  bygone  days  of  service  bureaus  and 
time-sharing.  The  computer  applications  have  changed 
from  payroll  to  enterprise  resource  planning  (ERP),  and 
the  communications  have  changed  from  private-line 
SNA  or  TTY  dial-in  to  IP-based  Internet,  intranet  and 
extranet  access  —  a  new  age  but  the  same  old  idea. 
Has  Intel  and  Microsoft’s  worst  nightmare  come  true? 

Is  this  the  end  of  personal  computing  and  the  enter¬ 
prise?  Is  the  ASP  market  real? 

While  ASPs  may  not  have  Intel  and  Microsoft  cow¬ 
ering  in  terror,  they  do  represent  a  significant  concern 
for  the  Wintel  consortium.The  main  beneficiary  of 
ASPs  is  the  midtier  market.  For  small  businesses,  out¬ 
sourcing  business  application  software  and  computing 
services  to  an  ASP  is  cost-prohibitive.  The  business 
applications  in  this  tier  of  the  market  are  few  and  sim- 
ple.The  small  business  can  make  do  with  a  small  LAN 
and  a  PC-based  desktop  and  server  environment,  using 
the  Web  for  WAN  communication  and  perhaps  out¬ 
sourcing  home  page  and  e-mail  operations  to  an  ISP 
The  majority  of  large  enterprises  already  have  out¬ 
sourced  or  are  contemplating  outsourcing  internal 
IT  operations  to  a  third  party  and  their  Web  applica¬ 
tions  to  a  content-host-based  ISP.  Economics  drives 
this  market,  but  application  control,  security  and 
legacy  data  force  the  high-end  tier  to  adopt  a  dedi¬ 
cated  operations  environment  rather  than  a  shared 
multicompany  environment. 

This  leaves  the  midtier  market.  Most  enterprises  in 
this  market  cannot  afford  to  outsource  IT  operations. 


In  addition,  this  tier 
needs  applications  that 
exist  in  the  large  enter¬ 
prise,  such  as  ERP  and 
customer  relationship 
management. These  fac¬ 
tors  make  midtier  com¬ 
panies  the  naairal  mar¬ 
ket  for  the  ASP 

In  addition,  the  mid¬ 
tier  market  is  the  home 
territory  of  the  IBM 
AS/400  and  S/390,  as 
well  as  Sun,  Hewlett- 
Packard  and  Compaq/ 
DEC  machines.These 
P  will  be  the  computing 
platforms  of  the  ASF!  not 
Wintel,  and  the  LAN-based  servers  will  be  downgraded 
to  office  application  devices.  Access  to  the  ASP  will  be 
via  the  Web  for  extranet  applications  and  a  virtual  pri¬ 
vate  network  (VPN)  for  Intranet  applications. 

In  the  world  of  ASPs,  both  personal  computing 
and  the  enterprise  will  survive  —  but  with  a  twist. 
Small  businesses  will  rely  more  on  services  from 
suppliers  such  as  vendors,  banks,  accountants  and 
associations.  They  will  use  the  Web  as  a  business 
tool  rather  than  a  communications  tool.  However, 
the  main  applications  of  small  businesses  will  still 
be  on  the  premises  on  a  server  and  PC. 

The  midtier,  though  outsourcing  to  an  ASF!  will 
change  its  operational  characteristics,  placing  less 
emphasis  on  IT  operations  and  development,  and 
more  on  business  growth  through  the  productive  use 
of  IT.  Managing  and  monitoring  the  ASP’s  performance 


will  replace  operations  and  applications  development. 
The  large  enterprise  will  flourish,  with  demands  for 
increased  bandwidth,  reduced  response  time  and  new 
Web-based  transaction/database  applications  driving 
the  upgrade  of  the  desktop,  LAN/WAN  and  servers. 

The  ASP  business  definitely  is  real.  In  fact,  most 
industry  watchers  see  ASPs  becoming  a  big  busi¬ 
ness.  International  Data  Corp.  predicts  that  the  com¬ 
pound  annual  growth  rate  of  ASPs  will  be  91%,  going 
from  zero  in  1998  to  $2  billion  by  2003.  This  esti¬ 
mate  is  low  in  comparison  with  the  predictions  of 
some  investment  banking  firms. 

My  firm’s  research  indicates  that  ASP  market  esti¬ 
mates  on  a  worldwide  basis  are  accurate  in  the  short 
term  but  inaccurate  for  the  long  term. 'Hie  midtier 
market  —  the  target  market  for  ASPs  —  is  much  larger 
overseas  than  in  the  U.S.As  with  all  Web-based  techno¬ 
logical  evolutions,  the  ASP  business  has  started  in  the 
U.S.,  but  it  will  become  a  booming  business  in  Europe 
by  2001  and  in  Asia  by  2003.  Corporate  conserv  atism 
will  dictate  the  rate  of  adoption  throughout  the  world, 
but  economic  conditions  and  competitive  market 
pressure  are  likely  to  accelerate  adoption.The  worse 
the  economic  conditions  or  the  greater  the  competi¬ 
tive  environment,  the  greater  the  adoption  rate. 

Whether  ISPs  will  evolve  into  ASPs  is  open  to  de¬ 
bate.  What  is  clear  is  that  ASPs  are  a  natural  evolution 
of  the  computing  marketplace,  just  as  VPNs  are  an 
evolution  of  the  communications  market. Tltey  are 
here  to  stay  and  will  serve  the  market  well  as  an 
updated,  more  productive  reincarnation  of  the  past. 

Dzubeck  is  president  of  Communications 
Network  Architects,  an  industry  analysis  firm  in 
Washington,  D.C. 
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Bel!  Atlantic  Data  Solutions  Group 


better 


Information  and  communication. 

Leveraged  by  the  right  networking  solution,  they  can 
take  your  business  farther  than  you've  ever  dreamed 
possible.  Instantly  turning  ideas  into  actions.  Concepts 
into  customers.  And  all  your  human  and  data  resources 
into  a  single,  powerful,  integrated  tool. 

At  Bell  Atlantic  Data  Solutions  Group,  we 

place  the  power  of  this  unprecedented  technology 
revolution  at  your  disposal.  By  creating  specialized 

one-on-one  relationships  that  give  us  a  unique 
understanding  of  your  needs,  we're  able  to  generate 
business-enhancing  solutions  in  such  areas  as: 


b  u 


Managed  Internet  Security 
IP  Virtual  Private  Networks 
Internet  Access  Services 
Web  Hosting 
Extranet  Services 


If  you're  ready  for  a  Net  designed 
to  help  you  catch  more  business,  call 

Bell  Atlantic  Data  Solutions  Group: 

1-800-453-1806. 
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■  Managed  Electronic  Messaging 

■  LAN  and  WAN  Management 
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Defending  against 

CYBER- 


ATTAP1C 

A.  1  1  Av>J\ 


While  foreign  enemies  train  cyberweapons  at  private  networks , 
government  anti  private  industry  spar  over  defense  strategy. 


BY  DEBORAH  RADCLIFF 

n  the  midst  ofYear  2000  chaos,  key  power  grids  across  the  coun¬ 
try  go  dark,  telecommunications  and  data  networks  crash,  and 
emergency  services  are  crippled. 

Even  worse,  public  switched  telephone  network-based  leased 
lines  that  carry  military  communications  are  toast.  Military  bases, 
powered  by  public  gas  and  electric,  are  knocked  out.  And  troop 
movement  is  disrupted  because  railway,  seaport  and  airport  traf¬ 
fic  is  at  a  standstill. 

But  this  is  not  a  Year  2000  problem.  It’s  just  a  convenient 
smokescreen  that  the  enemy  hides  behind  when  it  launches  a  cyber¬ 
war  —  and  America  has  just  lost. 

It’s  a  war  in  which  no  bombs  are  dropped,  no  guns  are  fired,  no 
blood  is  shed.  But  America’s  infrastructure  is  nevertheless  left  in  ruins. 
In  this  scenario,  the  weapon  of  mass  destruction  is  technology;  the 
militia,  an  army  of  foreign  hackers  bent  on  taking  down  key  services 
vital  to  the  nation’s  stability. 

Could  this  really  happen?  Absolutely,  says  Deputy  Assistant  FBI 
Director  Michael  Vatis,  who  heads  a  new  cyberdefense  agency,  the 
National  Infrastructure  Protection  Center  (NIPC). 

“In  the  information  age,  our  critical  infrastructures  —  services  vital 
to  our  national  economy  and  stability  —  are  subject  to  debilitating 
remote  attacks  that  can  shut  them  down.  Already,  weapons  of  mass 
destruction  —  computer  viruses  and  attacks  that  can  overflow  buffers 
and  shut  networks  down  —  are  available  off  the  Web. 

“We  have  concrete  information  about  several  foreign  countries  that 
are  developing  programs  to  target  the  U.S.  and  our  critical  infrastruc¬ 
ture  in  particular,”  he  continues. “I  just  can’t  say  publicly  what  countries 
those  are.” 

The  U.S.  government  takes  this  threat  so  seriously  that  President 


Clinton  last  May  ordered  a  full-scale  mobilization  to  defend  the  nation 
against  cyberattack.  Clinton’s  directive  called  for  the  creation  of  a  num¬ 
ber  of  programs  ranging  from  the  FBI-managed  NIPC  to  industry-specific 
centers  for  the  sharing  of  information  between  private  companies  and 
the  government  (see  story,  page  52). 

However,  the  creation  of  these  Information  Sharing  and  Analysis 
Centers  (ISAC)  and,  in  fact,  the  whole  effort  to  develop  a  public-private 
partnership  on  security,  is  on  shaky  ground  because  companies  are 
very  reluctant  to  share  network  security  information  with  the  feds. 

The  concern  about  government  intrusion  into  private 
security  matters  made  the  front  pages  late  last  month 


when  the  Electronic  Privacy  Infor¬ 
mation  Center  (EPIC)  in  Washington, 
D.C.,  sounded  alarms  concerning 
potential  federal  monitoring  of 
private-sector  networks. 

EPIC  went  so  far  as  to  charge  that  a 
newly  announced  federal  intrusion- 
detection  network  (FIDNET)  will  link 
directly  to  the  private  industry  sector 
information  sharing  groups. 

That  charge  was  denied  by  Sally 
McDonald,  spokeswoman  for  the 
General  Services  Administration, 
which  manages  information  services 
and  information  security  for  the  fed¬ 
eral  government.  She  says  the  yet-to- 
be-defined  FIDNET  will  in  no  way 
link  to  private  sector  networks. 

But  EPIC’S  general  concerns  are 
shared  by  many  in  the  business  com- 


Upshot 


Cyberterrorists  may  be  plotting 
attacks  against  U.S.  telecom  and  utility 
company  networks  in  an  attempt  to 
bring  the  country  to  its  knees.  The  gov¬ 
ernment  wants  private  companies  to 
participate  in  a  two-way  sharing  of 
security  information,  but  business 
leaders  aren't  sure  they  want  to  play 
ball  with  the  feds. 
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munitv,  even  by  those  who  are  on  board  and  working 
to  build  this  cyberdefense  system. 

“The  government  wants  to  facilitate  private  industry 
taking  care  of  itself  This  means  building  trust  in  the 
partnership,  and  government  has  not  done  a  good  job 
handling  this  in  the  past,  "  says  Nancy  Wong,  a  Pacific 
teas  and  Electric  security  expert  who  has  taken  a  leave 
of  absence  to  work  with  federal  officials  on  the  cyber¬ 
war  defense  project. “That  is  the  difficulty  and  chal¬ 
lenge  that  [the  government  and  FBI  are]  having  now.” 


For  example,  there’s  already  bad  blood  between 
the  software  industry  and  the  FBI  over  the  sticky 
issue  of  government  controls  over  encryption 
exports.  And  industry  leaders  are  adamant  that  any 
information  they  provide  on  attempts  to  hack  into 
their  networks  or  the  results  of  security  evaluations 
be  reported  anonymously. 

The  goal,  from  the  government’s  side,  is  a  two-way 
sharing  of  information.  Federal  agencies  will  share 
information  on  threats,  vulnerabilities,  orchestrated 
attacks,  assessment  services  and  network  security 
products  (patches,  vendor  product  recommendations 
and  others)  to  the  private  sector  through  the  ISACs. 

In  turn,  the  feds  hope  the  ISACs  will  push  the  same 
information  from  the  private  sector  to  the  appropri¬ 
ate  government  agencies. 

But  many  issues  need  to  be  resolved  before  that 
happens.  While  some  private  sector  groups  are 
answering  the  call  to  create  these  centers,  the  issue  of 
anonymity  remains  undecided. 

The  feds  say  they  need  some  way  to  verify  the 
source  of  the  information,  and  they  can’t  do  that  if 
it  comes  in  anonymously,  says  Guy  Copeland,  vice 
president  of  information  infrastructure  protection 
advisory  programs  for  Computer  Sciences  Corp., 
an  $8  billion  technology  services  company  in 
Washington,  D.C.  Copeland  sits  on  the  National 
Security  Telecommunications  Advisory  Committee 
(NSTAC),  an  18-year-old  presidential  advisory  board 
that  is  positioning  itself  to  become  the  ISAC  for  the 
telecom  industry. 


Therefore,  industry  leaders  are  taking  a  wait-and- 
see  approach  to  sharing  information  with  the  govern¬ 
ment,  he  says. 

The  financial  services  sector  plans  to  build  and 
maintain  an  ISAC,  says  Steve  Katz,  chief  information 
security  officer  for  CitiGroup  in  New  York.  But  at 
this  point,  the  financial  services  ISAC  plans  only  to 
receive  information,  but  not  send  any  to  the  govern¬ 
ment,  he  says. 

Katz  adds  that  if  the  industry  does  agree  to  send 

information  back  to  the  gov¬ 
ernment,  it  will  do  so  only 
with  a  “tremendous  firewall” 
between  government  and 
the  private  sector. 

The  FBI  and  other  federal 
players  involved  in  the  pro¬ 
ject  are  well  aware  of  indus¬ 
try  concerns  and  are  making 
a  concerted  effort  to  over¬ 
come  them.  For  example,  the 
FBI,  with  the  help  of  industry 
executives,  is  training  214 
field  agents  to  understand  business  culture  and  fears  of 
lost  privacy.  So  far,  these  agents  have  learned  the  busi¬ 
ness  ropes  from  folks  in  the  telecom  and  energy  indus¬ 
tries,  with  more  training  to  come  from  other  vertical 
industry  executives,  the  FBI’s  Vatis  says. 

The  federal  agencies  have  also  recruited  private- 
sector  professionals,  such  as  Pacific  Gas  and  Electric’s 
Wong,  to  better  manage  business  concerns. 

Wong  says  she’s  had  many  a  conversation  with 
political  decision  makers  who  think  the  solution  is  to 
“regulate  software  makers”  or  dictate  security  mea¬ 
sures  in  private  industry.  Each  time,  she  tells  them  that 
the  Constitution  —  and  American  business  leaders  — 
won’t  stand  for  it. 

To  better  reach  business  leaders,  she  advises  the 
feds  to  present  infrastructure  vulnerabilities  as  a  busi¬ 
ness  problem  instead  of  an  “information  war”  —  a 
term  at  which  Wong  crinkles  her  nose.  After  all,  infor¬ 
mation  security  is  directly  tied  to  a  company’s  bottom 
line. A  breach  of  infrastructure  networks  could  inter¬ 
rupt  the  business  processes,  resulting  in  lost  customer 
and  shareholder  confidence,  even  the  company’s  via¬ 
bility;  and  that’s  what  is  important  to  the  private  sec¬ 
tor,  she  says. 

In  spite  of  this  natural  tug-of-war,  private  sector 
companies  are  coming  around  to  help  the  govern¬ 
ment  protect  them  against  what  they  feel  is  a  serious 
threat,  Katz, Wong  and  others  say. 

“I  have  worked  with  a  great  many  difficult  projects 
in  my  life,  and  this  is  by  far  the  most  difficult,”  says 
William  Harris,  a  former  member  of  a  federal  commis- 


"We  have  concrete  infor¬ 
mation  about  several 
foreign  countries  that 
are  developing  programs 
to  target  the  U.S." 

Michael  Vatis,  deputy  assistant  director,  FBI 


BRIDGING  THE  GAP  ^ 


Two  years  ago,  Nancy  Wong  took  a  leave  of  absence  from  her  job  as  director  of  information  assets  for 
Pacific  Gas  and  Electric  Company  in  San  Francisco  to  work  with  government  and  private  industry  on 
security  issues. 

'  When  we  did  focus  groups  in  1997,  the  overwhelming  issue  was  lack  of  awareness,"  she  says. 

She  tells  the  story  of  an  electric  company  that  installed  intrusion  detection  and  caught  more  than 
100,000  unauthorized  intrusions  into  its  network  over  three  months  — 10  of  which  warranted  investiga¬ 
tion.  Another  problem  she  discovered:  "Too  many  companies  were  running  proprietary  information  over  the 
Internet  as  if  it  were  secure." 

When  considering  the  value  of  your  company's  information  assets,  Wong  suggests  asking  three  questions: 
What  impact  does  a  catastrophic  event  have  on  business  viability?  What  impact  does  it  have  on  your  ability  to 
deliver  service  to  your  customers?  What  impact  does  this  have  on  your  company's  risk,  liability  and  relation¬ 
ship  with  investors? 


CLINTON  DRIVES 
NEW  PROGRAMS 


Presidential  Decision  Directive  63  spawned 
a  number  of  programs,  including: 

•  The  Critical  Infrastructure  Assurance 
Office,  a  policy  and  planning  office. 

•  The  National  Infrastructure  Protection 
Center  (NIPC)  headed  by  the  FBI,  which 
has  already  launched  an  education  campaign 
geared  toward  raising  awareness  among  affect¬ 
ed  industries.  The  NIPC  gathers  intelligence  and 
threat  information,  and  passes  it  on  to 
private  industry.  The  group  also  responds 
to  serious  networked  system  attacks. 

•  Information  Sharing  and  Analysis 
Centers  (ISAC),  which  will  be  formed  by  industry 
sectors  to  share  sensitive  information,  explore 
the  impact  of  widespread  attack  and  establish 
contingency  pians. 

The  presidential  directive  calls  for  the  ISACs 
to  be  up  and  running  by  the  end  of  2000  and  for 
the  program  to  be  fully  operational  by  2003. 


sion  on  the  topic.  “This  problem  requires  a  true  part¬ 
nership  between  government  and  industry. There’s 
such  an  enormity  of  consequences  if  we  don’t  do  the 
right  thing.” 

Another  shaky  trust  issue:  the  wording  of  the  presi¬ 
dential  directive  allows  for  government  intervention 
should  it  be  deemed  necessary. The  FBI  and  the 
Federal.  Emergency  Management  Agency  (FEMA)  are 
granted  the  authority  to  “coordinate  the  rapid  recon¬ 
stitution  of  minimum  essential  capabilities  in  the 
aftermath  of  an  attack.” 

“If  private  industry  doesn’t  take  care  of  itself,  that’s 
when  the  government  will  have  to  step  in ’’Wong 
wams.Thus  far,  FEMA  has  made  it  clear  that  it  will  keep 
its  distance  from  the  cyberdimension, Wong  says. 
“FEMA  only  wants  to  get  involved  when  it  sees  the 
physical  disruption  occur,”  she  adds.That  means 
bombs,  debilitating  natural  disasters  or  other  physical 
sabotage  that  would  knock  out  vital  services. 

In  addition,  federal  and  emergency  response  agen¬ 
cies  need  to  figure  out  how  they  will  integrate  with 
one  another. And  the  legal  system  needs  to  catch  up 
with  21st-century  cybercrime. 

There’s  one  more  giant  hitch  to  the  president’s  pro¬ 
gram:  When  Clinton  leaves  office,  all  this  work  could 
be  for  naught  because  his  directive,  a  Presidential 
Decision,  is  valid  only  as  long  as  he’s  in  office.  For  the 
infrastructure  protection  program  to  live  on,  Clinton 
must  sign  a  Presidential  Executive  Order. 

Rcidcliff  is  a  freelance  writer  in  northern 
California.  She  can  be  reached  at  DeRad@ 
aol.com. 


““"Online 

•  Information  on  how  to  protect  your 
company  from  cyberattack. 

•  Links  to  government  agencies. 
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Today  Gestetner,  the  name  with  an  unparalleled  reputation  for  service  and  reliability  is  also  the  name  for  advanced  digital 
imaging  solutions.  With  a  full  line  of  leading  edge  digital  imaging  systems  that  offer  unsurpassed  output  quality  and  enhanced 
productivity.  And  are  capable  of  connecting  to  one  computer  or  a  whole  network. 

To  find  out  why  Gestetner  is  the  name  more  and  more  office  professionals  are  turning  to,  call  1-800-765-7746  or  visit  our 
website  at  www.gestetnerusa.com. 

Gestetner 
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RippleTech  LogCaster  can  help... 


You  wrote,  implemented,  and  tested  your  Y2K  Plan  -  now 
it's  time  to  monitor  the  slightest  ripple  in  your  environment. 
With  RippleTech  LogCaster  you  can  monitor: 

•  Performance  -  establish  a  baseline  so  you'll  know  if  a  Y2K  glitch 
causes  runaway  processes 

•  Security  -  increase  your  resistance  to  the  invasion  of  hackers  taking 
advantage  of  Y2K 

•  Event  logs  -  detect  the  earliest  symptoms  of  system  problems 

•  Services  -  ensure  services  are  functional  and  have  not  died  due  to 
a  Y2K  problem 

•  Networks  -  be  sure  that  data  gets  to  its  proper  destination  and  the 
devices  are  operational 

•  ASCII  logs  -  ensure  the  health  of  applications  that  report  to  them 


Plus  RippleTech  LogCaster  filters  through  a  tremendous  amount  of  data, 
reporting  only  the  important  events  and  automatically  responding  to 
problems  with  pre-configured  Corrective  Actions. 

Download  a  free  evaluation  of  RippleTech  LogCaster,  complete  with 
"Quickstart  Evaluation  Support",  and  start  monitoring  the  health  of 
your  environment  today.  For  more  information  visit  our  Web  site  or 
call  us  at  (215)  321-9600. 
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NOTHING  BUT  THE  TRUTH. 


RippleTech  and  the  RippleTech  logo  are  registered  trademarks  of  RippleTech,  Inc.,  Washington  Crossing,  PA,  (215)321-9600.  Windows  NT  is  a  registered  trademark  of  Microsoft  Corporation. 
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can  keep  you  in  the  network  know  zone. 
But  choose  wisely:  The  market  is  big, 
anti  feature  sets  vary  widely. 


BY  MARTHA  YOUNG 

It’s  tempting  to  throw  more 

bandwidth  or  bigger  boxes  at  a 
sluggish  network,  but  it’s  often 
not  prudent.  A  better  approach 
is  to  first  see  if  there’s  a  way  to 
reallocate  existing  resources  to 
improve  performance. To  do  so, 
you  need  to  understand  traffic 
patterns  and  device  capacities. 

Network  monitoring  can  get 
you  started. 

Hand  in  hand  with  long-term  moni¬ 
toring,  you  need  alerting  tools  to  act 
on  immediate  problems.  Our  review 
focuses  on  how  well  six  products 
monitor  network  services  and  devices, 
alert  users  to  system  failures,  and  even 
correct  some  problems  without  user 
intervention  (see  review,  page  56). 

The  most  effective  monitoring  and 
alerting  tools  are  based  on  real-time 
and  historical  data.  Real-time  or  near 
real-time  monitoring  provides  a  snap¬ 
shot  of  current  network  activity  and 
identifies  device  failures  and  poten¬ 
tial  hot  spots.  Historical  data  estab¬ 
lishes  a  track  record  or  baseline  of 
what  is  normal  for  the  network  and 
provides  the  foundation  for  defining 
thresholds  and  balancing  loads  across 
the  network. 

The  combination  of  real-time  and 
historical  data  allows  you  to  visualize 
the  impact  of  changes  as  the  network 
expands  by  users,  applications  and 
devices.  Identifying  increased  load 
capacities  provides  tangible  justifica¬ 
tion  for  altering  a  network  design  or 
adding  resources. 

A  number  of  companies  have  devel¬ 
oped  monitoring  and  alerting  tools  —  39  vendors  con¬ 
tributed  to  our  online  Buyer’s  Guide  features  chart 
(www.nwfusion.com,  DocFinder:  4323).  Browse  it 
carefully  to  find  a  product  with  the  features  you  need. 
The  right  tool  can  quickly  provide  a  full  return  on 
investment,  while  the  wrong  tool  only  adds  to  the 
stress  of  managing  a  network. 

Understanding  a  network’s  “signature”  is  key  to 


form.A  management  station  imports 
information  collected  by  network 
devices  and  monitoring  probes  to 
automatically  create  an  integrated 
snapshot  of  network  traffic  flows,  pro¬ 
tocol  distribution  and  application 
activity  on  a  user-by-user  basis.  A  good 
monitoring  tool  provides  this  informa¬ 
tion  in  a  graphical  format  upon 
request  and  at  predefined  intervals. 

Application  baselining  measures 
application  response  time  and  is  per¬ 
formed  using  one  of  four  methods: 
single  client,  multiclient,  Remote 
Monitoring  using  embedded  or  exter¬ 
nal  probes,  and  APIs.  For  details  about 
how  each  of  these  methods  works, 
see  www.nwfusion.com,  DocFinder: 
4324. 

It  is  not  uncommon  to  exceed 
thresholds  during  system  backups, 
software  upgrades  or  month-  and 
quarter-end  fiscal  periods. To  exceed 
thresholds  at  these  times  does  not  sug¬ 
gest  a  network  is  in  dire  straits.  It  only 
illustrates  the  impact  that  certain 
processes  and  applications  have  on  a 
network  as  a  whole  and  allows  you  to 
plan  for  such  peaks. 

By  comparing  baselines  at  regular 
intervals,  you  can  identify  and  act 
upon  bandwidth  creep  and  hot  spots 
before  they  reach  a  critical  state. This 
is  the  essence  of  proactive  vs.  reactive 
network  management. 

Alerts  come  into  play  at  the  next 
level  of  network  monitoring,  as  prob¬ 
lems  escalate.  Audible  alerts  are  handy 
if  a  management  console  is  monitored 
24-7.  If  that’s  not  the  case  at  your  site, 
you’ll  want  to  look  for  more  flexible 
notification  techniques,  such  as  user- 
defined  scripts  capable  of  dialing  a  pager  or  cellular 
telephone  number. 

The  most  useful  user-defined  scripts  can  sort  alerts 
based  on  the  nature  of  the  problem  and  immediately 
direct  the  most  critical  alerts  to  senior  support  staff, 
for  example. 

Many  monitoring  and  alerting  tools  go  even  further, 
offering  suggestions  for  correcting  the  network  fault 


understanding  the  whole  network  and  establishing 
what  is  normal  behavior  for  any  point  in  time  in  the 
monitoring  cycle. A  network’s  signature  is  a  profile  of 
the  peaks  and  valleys  of  utilization  and  everything  in 
between.  It’s  composed  of  network  baselining  and 
application  baselining  information. 

Network  baselining  depends  on  topology  maps 
obtained  from  an  underlying  SNMP  management  plat- 


IMetwork  monitoring  and  alerting  tools 


Inside  Review:  Keep  tabs  on  your  network's  health  from  any  workstation  with  MediaHouse  Software's  Enterprise  Monitor  5.2  —  the  top  scorer  in  our  hands-on  tests  of 
six  network  monitoring  and  alerting  products.  Page  56. 


Online  Interactive  Buyer's  Guide:  Use  our  customizable  tools  to  compare  monitoring  and  alerting  software  from  39  vendors,  www.nwfusion.com,  DocFinder:  4323. 


•  3Com 

•  Compuware 

•  Fluke 

•  International  Network  Services 

•  LANQuest 

•  Network  Associates 

•  Resonate 

*  Telco  Research 

•  Apogee  Networks 

•  Dartmouth  College 

•  Frontline  Test  Equipment 

•  ION  Networks 

•  Loran  Technologies 

•  NextPoint  Networks 

•  RGE 

•  Tessler's  Nifty  Tools 

•  Avtech  Software 

•  Elron  Software 

•  Ganymede  Software 

•  Ipswitch 

•  MediaHouse  Software 

•  Opalis  Software 

•  Ripple  Technologies 

•  Tivoli  Systems 

•  BullSoft 

•  F5  Networks 

•  Heroix 

•  JSB  Software  Technologies 

•  Mission  Critical  Software 

•  Paradyne 

•  Tally  Systems 

*  Triticom 

•  Cabletron 

•  FirstSense  Software 

•  Hewlett  Packard 

•  Knozall  Systems 

•  NetScout  Systems 

•  Quallaby 

•  Tavve  Software 
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that  triggered  an  alert. 

Look  for  monitoring  software  that  offers  Web-based 
reporting  with  secured  logon  access.This  saves  time  by 
providing  access  from  any  location  using  a  common 
browser.  Make  sure  the  program  can  produce  reports 
that  correlate  information  from  diverse  sources  into  a 
meaningful  presentation  that  will  let  you  trace  a  cascade 
of  faults  to  a  specific  segment  or  device;  a  pile  of  discon¬ 
nected  reports  based  on  defined  thresholds  and  service- 


level  agreements  is  nearly  useless. 

Report  formatting  and  distribution  is  another  feature 
to  review  closely.  Customized  reports,  developed  with 
wizards,  let  you  tailor  information  to  different  recipi¬ 
ents.  Information  required  by  a  network  administrator  is 
typically  more  detailed  and  focused  than  that  required 
by  the  executive  staff,  for  example.  In  addition,  an 
administrator  may  need  to  see  reports  daily,  while  upper 
management  may  only  need  to  see  data  on  a  monthly  or 


quarterly  basis.  Automated  report  distribution  via  e  mail 
or  to  a  print  file  makes  it  easy  to  get  the  reports  to  the 
right  people  in  the  time  frame  and  format  they  prefer. 
Such  flexibility  will  help  you  get  the  most  out  of  your 
monitoring  and  alerting  software. 

Young  is  principal  of  Cutting  Edge  Information 
Group,  an  industry  analyst  firm.  She  can  be 
reached  at  martha@ceig.com. 


NET  MONITORING 
TOOLS  STAND  WATCH 


BY  TRAVIS  BERKLEY 


As  varied  as  job  descriptions  may  be,  network  pro¬ 
fessionals  share  a  common  goal: To  discover  and  fix 
any  problem  before  users  catch  wind  of  it. 

We  reviewed  six  products  designed  to  monitor  the 
health  and  availability  of  network  devices  and,  in 
some  cases,  resolve  a  problem  automatically.  The 
products  send  alerts  by  pager,  e-mail  and  pop-up  dia¬ 
log  boxes  to  notify  you  of  any  network  outage  and 
produce  reports  to  help  you  establish  baselines,  iden¬ 
tify  trends  and  spot  future  problems. 

For  the  most  part,  the  products  we  tested  focus  on 
service  and  device  availability  and  stop  short  of  really 
analyzing  traffic  flow  and  identify- 
IIU  ing  bottlenecks.  While  no  single 
product  won  every  category  we 
fc  scored,  MediaHouse  Software’s 
'Enterprise  Monitor  5.2  won  our 
Blue  Ribbon  Award  on  the  strength 
of  its  monitoring,  notification  and 
management  features. 

Heroix’s  RoboMon  7.5  placed  a 
close  second,  thanks  to  its  un¬ 
matched  reporting  features  and  thorough  documenta¬ 
tion.  RoboMon  also  stood  out  for  its  ability  to  respond 
to  and  correct  some  device  problems  through  its  local 
agents,  which  must  be  installed  on  each  machine  to  be 
monitored.  Similarly,  local  agents  gave  a  leg  up  to 
Ripple  Technologies’  LogCaster  2.1,  whose  corrective 
features  rival  those  of  RoboMon,  but  for  fewer  plat¬ 
forms.  What  hurt  LogCaster’s  score  was  the  product’s 
lack  of  a  Web  interface  and  more  involved  setup. 

Conversely,  Dartmouth  College’s  InterMapper  2.1 
is  a  breeze  to  install  and  manage,  but  lacks  the 
strength  of  the  leader’s  reporting  features.  Its  Mac- 


Reporting  options  anti 
corrective  feature  are  lacking 
in  some  monitoring  anti 
alerting  products. 


Product:  Enterprise  Monitor  5.2 

Vendor:  MediaHouse  Software 

Enterprise  Monitor  5.2  combines  strong 
monitoring  and  alerting  features  with 
ease  of  use  and  go-anywhere 
deployment. 


centricity  may  discourage  some  users.  In  addition, 
InterMapper  doesn’t  take  much  corrective  action,  nor 
do  the  other  two  products  we  tested,  WhatsUp  Gold 
4.0  from  Ipswitch  and  the  WatchDog  3.6  product  line 
fromTessler’s  Nifty  Tools. 

WhatsUp  Gold  adds  autodiscovery  features  to  the 
mix,  but  lacks  monitoring  depth.  Composed  of  individ¬ 
ual  modules  that  separately  monitor  TCP/ER  e-mail, 
communication  and  file  services, WatchDog  is  a  no-frills, 
easy-to-use  network  monitoring  toolbox. What  it  does,  it 
does  quite  well.  But  it’s  basically  limited  to  TCP/IP  ser¬ 
vices  and  only  recently  added  Windows  NT  service 
monitoring. 

Watch  and  warn 

Monitoring  features  vary  from  product  to  product. At 
the  very  least,  products  simply  check  for  device  avail¬ 
ability  on  TCP/IP  ports,  including  Simple  Mail  Transfer 
Protocol  (SMTP),  HTTP  and  telnet.  Some  products  use 
SNMP  to  retrieve  details  about  a  machine,  such  as  up¬ 
time  or  network  load.  Some  products  make  better  use 
of  the  auditing  information  built  into  NT  than  others. 

MediaHouse  Software’s  Enterprise  Monitor  set  the 
bar  for  monitoring.  It’s  capable  of  monitoring  generic 
TCP/IP  services  and  ASCII  logs  generated  by  applica¬ 
tions,  and  can  tie  into  NT  auditing  for  services  and 


events.  It  also  lets  you  create  specific  test  conditions 
for  TCP/IP  services.  For  example,  you  can  instruct 
Enterprise  Monitor  to  let  you  know  not  only  that  your 
Web  server  is  responding,  but  also  that  it’s  responding 
with  the  right  Web  page. 

For  inventory  purposes,  Enterprise  Monitor  makes 
it  easy  to  scan  your  network  and  review  the  results. 
You  can  select  a  subnet  or  have  Enterprise  Monitor 
browse  and  present  visible  Windows  domains,  and 
then  select  the  entries  you’d  like  to  monitor  by  simply 
clicking  a  checkbox. 

Ripple  Technologies’  LogCaster  can  monitor  NT  ser¬ 
vices  and  events  as  well  as  Enterprise  Monitor,  but  lacks 
some  of  its  advanced  TCP/IP  monitoring  features.  In 
addition  to  basic  TCP/IP  monitoring,  LogCaster  uses 
agents  to  tap  into  NT  services,  installing  them  automati¬ 
cally  once  you  identify  which  machines  in  the  domain 
to  monitor. 

Unlike  the  other  packages  we  tested,  Heroix’s 
RoboMon  monitors  only  systems  that  have  one  of  its 
own  agents  installed.  Like  LogCaster,  RoboMon  has 
agents  available  for  NT  on  Intel  and  Alpha  platforms.  In 
addition,  RoboMon  has  agents  for  Unix  platforms  from 
Digital  (now  Compaq),  Hewlett-Packard,  IBM  and  Sun. 
These  agents  provide  much  of  the  same  information 
you  get  from  NT  auditing  systems,  including  CPU 
usage,  disk  availability  and  memory  usage.Though 


ScoreCard 

Monitoring 

ono l 

Reporting 
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MediaHouse  Software's  Enterprise  Monitor  5.2 

9 

7 

9 

8 

7 

8 

7 

8.00 

Heroix's  RoboMon  7.5 

8 

9 

7 

7 

8 

7 

9 

7.85 

Ripple  Technologies'  LogCaster  2.1 

8 

7 

6 

8 

8 

6 

7 

7.25 

Dartmouth  College's  InterMapper  2.1 

7 

4 

8 

6 

4 

10 

6 

6.10 

Ipswitch's  WhatsUp  Gold  4.0 

6 

3 

8 

6 

4 

7 

7 

,60 

Tessler's  Nifty  Tools'  WatchDog  3.6 

7 

3 

5 

7 

4 

7 

6 

— 

5.30 

— 

Individual  category  scores  are  based  on  a  scale  of  1  to  10.  Percentages  are  the  weight  given  each  category  in  determining  the  total  score. 
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Network  Storage 


Attend  this  F3EE  SEMINAR  and  you'll  be 

two  steps  ahead  of  the  competition  by: 

•  Learning  about  the  stress  that  the  rapid 
growth  in  storage  is  putting  on  your  IT 
staff,  and  why  in  storage,  business  as 
usual  just  won't  cut  it 

•  Finding  out  how  a  storage-centric  plan 
can  boost  your  entire  IT  infrastructure 

•  Discovering  the  key  criteria  -  scalability, 
flexibility,  robustness,  and  manageability 
-  that  should  guide  the  storage  decision- 
making  process 

•  Learning  what  products  and  services 
are  available  today  to  help  you  build 
a  better  storage  system  for  tomorrow 

•  Quizzing  key  vendor  executives  about 
their  products  features,  and  their  plans 
for  the  future 

•  Figuring  out  which  vendor  is  most  in 
sync  with  your  long-range  storage  needs 


1999  Fall  Tour 

Boston,  October  6 
New  York,  October  7 
Chicago,  October  20 

Washington,  DC,  October  21 
Atlanta,  November  10 
Dallas,  November  11 

Los  Angeles,  December  1 
San  Francisco,  December  2 


Finn  IT 

HjHiiufk 


ON  FUSION 


Registration 
is  FREE. 

Call  today. 

(800)  643-4668 

www.nwfusion.com/townmeeting/storage 


♦  TOWN  * 
MEETING 


PRESENTING  SPONSORS: 

<hmcsoftware 

Assuring  Business  Availability 

That  HEWLETT 
milLM  PACKARD 


Computer  Network  Technology 

HITACHI 

DATA  SYSTEMS 


EMC2 

The  Enterprise  Storage  Company 

II  LEGATO 


EXHIBITING  SPONSOR: 

SONY 


If  you  are  interested  in  presenting  or  exhibiting  sponsorship  opportunities,  please  contact  Andrea  D’Amato  at  (508)  820-7520  or  adamato@nww.com. 
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LogGtster  cari  monitor  more  types  of  systems  because 
ii  '  iot  limited  to  using  agents,  RoboMon  collects  more 
information  about  the  systems  it  watches. 

The  last  three  products  we  tested  primarily  monitor 
more  generic  TCP/IP  services  and  don’t  worry  about 
the  underlying  operating  system.  Dartmouth  College’s 
InterMapper  also  monitors  AppleTalk  subnets,  which 
lets  you  keep  tabs  on  AppleTalk  routers.  In  addition, 
InterMapper  automatically  connects  any  devices  you 
specify  and  configure  in  an  organizational  chart 
approximating  your  subnet,  though  the  product  can¬ 
not  discover  these  devices.  InterMapper  is  the  only 
product  we  tested  that  uses  SNMP  to  watch  how  well 
each  system’s  network  interface  is  performing. 

Ipswitch’s  WhatsUp  Gold,  another  TCP- watcher, 
offers  some  support  for  IPX  in  addition  to  standard 
TCP/IP  monitoring  services.  While  this  sounds 
appealing,  the  only  function  it  supports  over  IPX  is  a 
simple  ping,  and  nothing  as  sophisticated  as  an  SNMP 
query7.  On  the  other  hand,  if  you  give  it  a  subnet  to 
look  at,  WhatsUp  Gold  can  discover  TCP/IP  devices 
and  present  the  objects  in  a  window  for  you  to  orga¬ 
nize. You  can  add  lines  and  symbols  to  create  a  like¬ 
ness  of  your  network.  When  one  or  more  service  on  a 
device  fails,  WhatsUp  Gold  will  highlight  the  device 
and  show  which  portion  has  failed,  launching  any 
notification  measures  you  have  set. 

Inversion  3.6,  released  in  early  August, Tessler’s 
Nifty  Tools  added  monitoring  of  NT  services  to 
WatchDog’s  TCP/IP  monitoring  base,  but  the  program 
still  doesn’t  monitor  NT  events.  Nor  does  WatchDog 
include  any  mapping  capabilities.  In  Version  3  8,  which 
was  released  just  before  we  went  to  press  but  not  in 
time  to  test,  the  vendor  has  added  support  for  SNMP 
traps  and  get  requests. 

Because  the  product  is  divided  into  four  modules 
—  WatchDog-IP,  WatchDog-Mail,WatchDog-Server  and 
WatchDog-Modem  —  you  can  buy  only  the  features 
you  need.  However,  the  downside  is  that  the  compo¬ 
nents  don’t  share  information.  If  a  device  has  multi¬ 
ple  services  on  it,  you  must  monitor  each  individual¬ 
ly.  It’s  confusing  at  first,  but  not  too  tough  to  imple¬ 
ment.  In  the  future, Tessler’s  Nifty  Tools  will  bundle 
the  foursome’s  features  in  a  single  product. 


More 


Online 


Newly  installed  network  monitoring  and  alerting 
packages  have  improved  the  lives  of  network 
managers  at  two  multisite  manufacturing 
companies.  Check  out  their  stories  online. 

Also  online: 

Learn  how  the  lETF's  switch  monitoring  MIB 
enhances  Remote  Monitoring  capabilities. 

See  four  application  base¬ 
lining  techniques 
explained. 

Download  an 
evaluation  copy  of 
Enterprise  Monitor  5.2. 


FIND  IT  H 


BUfmdei 


4324 


ion  Fusion 


On  the  alert 

Just  as  important  as  finding  a  problem  is  letting  some¬ 
one  know  about  it.  We  found  these  products’  notifica¬ 
tion  features  are  more  alike  than  their  monitoring  fea¬ 
tures.  All  can  send  e-mail  notification  via  SMTP  and  can 
use  most  standard  pager  systems.  We  began  to  see  some 
differentiation  when  we  looked  at  alternate  means  of 
notification,  such  as  pop-up  windows,  alert  sounds  and 
launching  a  program  on  a  desktop  or  console. 

As  they  did  for  monitoring,  Enterprise  Monitor  and 
LogCaster  emerged  as  the  strongest  in  this  category. 
Each  goes  above  and  beyond  the  standard  feature  set 
LogCaster  can  set  SNMP  traps  for  any  SNMP  manager. 
Enterprise  Monitor  can  send  e-mail  to  SMTP  and  MAPI- 
compliant  mailers  on  its  console,  while  LogCaster  can 
send  either  by  SMTP  or  Exchange.  Both  can  send  alerts 
by  Windows  pop-ups  to  machines  across  the  netw  ork. 
Enterprise  Monitor  also  lets  you  modify7  the  content  of 
e-mail  notifications. 

WatchDog  and  RoboMon  offer  standard  mail, 
beeper  and  pager  features  with  similar  restrictions:  If 
you’re  running  WatchDog,  pop-up  and  sound  alerts  are 
limited  to  the  WatchDog  console;  if  you’re  running 
RoboMon,  pop-up  and  sound  alerts  are  limited  to  the 


RoboMon  consoles  you  have  installed.  In  addition, 
WatchDog  offers  the  unique  ability  to  post  alert  status 
notifications  on  a  statically  named  Web  page. 

WhatsUp  Gold  and  InterMapper  don't  offer  any¬ 
thing  beyond  basic  e-mail,  pager,  beeper  and  console 
notification. 

Corrective  action  and  reporting 

Even  better  than  a  message  telling  you  there’s  a 
problem  is  a  message  that  says  the  problem  has  been 
identified  and  corrected  without  user  intervention.  We 
found  the  products  that  did  this  best  are  those  that 
depend  on  agents  to  gather  data  and  maintain  system 
health  —  in  particular.  RoboMon  and  LogCaster. 

If  a  service  or  application  becomes  unavailable, 
RoboMon  and  DzgCaster  can  instruct  the  agent  to  try 
to  restart  the  downed  service.  If  this  fails,  the  agent  can 
tell  the  entire  machine  to  reboot  itself.  RoboMon’s 
multiplatform  agents  are  a  definite  advantage  when  it 
comes  to  solv  ing  network  problems. 

Enterprise  Monitor  also  has  decent  corrective  fea¬ 
tures.  Because  it  can  tap  into  the  power  of  NT  service 
and  event  management.  Enterprise  Monitor  can 
attempt  to  reboot  a  machine  running  NT. 

WhatsUp  Gold,  WatchDog  and  InterMapper  all  have 
roughly  equivalent  corrective  features,  which  don’t 
amount  to  much.They  operate  mainly  as  stand-alone 
systems,  so  they  really  don’t  have  the  ability7  to  take 
over  another  machine  or  system. They  do  have  the 
ability  to  launch  a  program  on  the  console.  Inter¬ 
Mapper  can  launch  AppleScript  commands,  which  are 
analogous  to  sophisticated  DOS  batch  files. 

Ev  en  when  things  appear  to  be  running  smoothly, 
it's  nice  to  see  those  thoughts  confirmed.That’s 
where  reporting  comes  into  play.  In  our  tests,  we 
found  that  reporting  features  varied  widely  from 
product  to  product.  Reports  ranged  from  simple  lists 
of  available  and  unavailable  devices  to  graphics  that 
include  individual  device  data. 

The  undisputed  reporting  champ  is  RoboMon  By 
default.  RoboMon  logs  each  system's  activities  in  a 
local  Access  database.  Alternatively,  you  can  redirect 
them  to  a  central  repository  via  Open  Database 
Connectivity  (ODBC)  or  Microsoft's  SQL  Server. 
RoboMon  splits  its  reporting  tools  into  two  types:  cus- 


NetResults 


Enterprise 
Monitor  5.2 

MediaHouse 
Software 

(819)  776-0707 
www.mediahouse.com/ 
enterprisemonitor/ 

$350 


Pros 

▲  Comprehensive 
monitoring  features 

▲  Console  can  be 
deployed  anywhere 

▲  NT  information  pulled 
without  an  agent 

Icon  1 

▼  Reporting  needs 
polish 


RoboMon  7.5 

Heroix 

(800)  229-6500 
www.heroix.com/ 
Productslndex.htm 
$695  per  server  license 


Pros 

▲  Excellent  reporting 

▲  Powerful  rules  engine 


I  Con  | 

▼  Only  monitors  what  it 
has  an  agent  for 


LogCaster  2.1 

Ripple  Technologies 

(215)  321-9600 
www.rippletech.com/ 
procutinfo.html 
$795  per  NT  server 
license  and  $95  per  NT 
workstation  license 


Pros 

A  Monitors  TCP/IP  and 
NT  services  and 
events 


Cons 

▼  Initial  setup  is 
cumbersome 
T  Console  is  restricted 
to  NT 


InterMapper  2.1 

Dartmouth  College 

(603)  646-1999 
www.intermapper.com 
$795  for  100  nodes  ($395 
for  educational 
institutions) 


Pros  | 

A  AppleTalk  monitoring 
A  Good  automatic 
mapping 

A  Good  NIC  summary 


Cons 

▼  Weak  reporting 

▼  Corrective  actions 
lacking 


WhatsUp  Gold  4.0 

Ipswitch 

(781)676-5700 

www.ipswitch.com/ 

products/WhatsUp/ 

index.asp 

$695  for  100  nodes 


Pros  | 

A  Network  discovery 
features  included 

A  Full  function  Web 
interface 


Cons 

▼  Weak  reporting 

▼  Corrective  actions 
lacking 


WatchDog  3.6 

Tessler's  Nifty  Tools 

(925)  275-9353 
www.niftytools.com 
Pricing  starts  at  S&395 
for  WatchDog-IP;  $1,895 
for  WatchDog-Mail; 
$2,695  for  WatchDog- 
Modem;  and  $1,895  for 
WatchDog-Server 

I  Pro  I 

A  Clean  interface 


Cons 

▼  Modules  don't 
interact 

▼  Limited  features 
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Allied  Telesyn’s  AT-8100  series  of  But  don’t  take  our  word  for  it.  In 
managed  10/100  autosensing  switches  recent  independent  testing  the 
provides  all  the  important  features  you  AT-8I26XL  “clearly  out-performed” 
need  from  a  user-friendly  equivalent  switches  from  both 


workgroup  switch:  auto- 
negotiation  on  all  ports, 
flexible  uplink  options,  wire- 

including 

speed  performance  and  web-  fiber  uPr 
based  management  capability.  $32 
But  because  they  are  priced  some 
10-20%  below  comparable  devices  from 
the  brand  leaders  and  come  with  great 
warranties  and  free  technical  support, 
AT-8100  switches  represent  significantly 
better  value  for  evolving  networks. 


$65 

per  port 

including  FREE  1 00Mbps 
fiber  uplink  module,  a 
$329  value** 


3Com  and  Cisco.  Call  us  today 
and  we’ll  be  delighted  to 
send  you  a  copy  of  the 
report. 


So  take  a  look  at  how 
inexpensive  high-performance 
managed  switching  can  be. 

The  AT-8100  series  from  Allied  Telesyn:  a 
proven  performer  at  an  undeniably 
great  price. 


Allied  Telesyn 

Simply  Connecting  the  World 


Tel:  1.800.424.4284  www.alliedtelesyn.com 

Copyright  ©  Allied  Telesyn  International  Corp.  i  . 

f  Optional  uplinks  available  for  AT-81 18  and  AT-8I26XL. 

*  I -Cube  Second  Generation  Switching  Chipset — Competitive  Performance  Evaluation. 

Prepared  by  The  Silicon  Valley  Networking  Lab  (www.svnl.com)  and  available  at  www.svnl.com/test  lab  reportr.htm 
**  US  list  price  for  Allied  Telesyn’s  AT-8I26XL,  24  port  switch  with  FREE  1 00Mbps  fiber  uplink  module.  Free  uplink  module 
available  through  July  31,  1999. 


Free  Product  info  enter  NWInfoXpress  #59  online  @  www.networkworld.com/infoxpress 


Allied  Telesyn’s 
AT-8I26XL 
out-performs 
equivalent 
3Com  &  Cisco 
switches' 


16  or  24  I0/I00TX  ports 
2  optional  I0/I00TX  or  I00FX  uplinks! 
Half/full-duplex  operation  on  all  ports 
IEEE  802. 3u  compliant  auto-negotiation 
Full  wire-speed  switching  on  all  ports 
Support  for  up  to  16,000  MAC  addresses 
Port-based  VLANs 
Spanning  Tree  redundancy 
SNMP  or  Web-based  management 


You  want  to  pay  less  for 


superior  product? 
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Say  hello  to  the  AT-8100 
series  of  managed  10/100 
switches  from  Allied  Telesyn 


Buyer's  Guide 


How  we  did  it 

We  tested  the  products  on  the  University  of  Kansas  campus  network,  which  consists  of  more  than 
5,000  nodes.  Network  devices  include  3Com  SuperStack  switches  for  near-desktop  networking  and 
Cisco  Catalyst  switches  and  routers  for  backbone  connectivity,  primarily  over  100Base-T.  Clients 
include  a  mix  of  more  than  4,500  Unix,  Macintosh  and  Windows  95, 98  and  NT  workstations. 

We  installed  each  monitoring  package  on  equivalent  hardware  when  possible. We  used  three  main 
platforms  for  our  tests:  a  133-MHz  Pentium  with  512M  bytes  of  RAM  and  a  4G-byte  SCSI  disk  running 
Windows  NT  4.0  with  Service  Pack  5;  a  90-MHz  Pentium  with  64M  bytes  of  RAM  and  a  4G-byte 
Integrated  Drive  Electronics  (IDE)  disk  running  Windows  95;  and  a  PowerMac  7500/100  with  64M 
bytes  of  RAM  and  a  520M-byte  SCSI  disk  running  MacOS  8.5.  Once  up  and  running,  the  products 
monitored  various  machines  on  different  subnets. 

Each  program  monitored  the  same  devices,  except  in  cases  in  which  the  products  couldn’t  support 
certain  components.  We  disrupted  service  to  see  how  well  and  how  quickly  each  package  reported  and 
automatically  recovered  from  problems.  We  compared  the  remote  management  capabilities  of  each  pack¬ 
age,  as  well  as  text-based  and  graphical  reporting  features.We  evaluated  the  usability  and  completeness  of 
each  product’s  documentation,  and  we  compared  how  easy  they  were  to  install  and  operate. 


tomizable  text  reports  and  graphical  reports.  RoboMon 
gives  you  free  rein  over  how  the  data  is  presented, 
including  2-D  and  3-D  graphs,  and  line  and  bar  charts. 

LogCaster’s  reporting  features  are  not  quite  as 
strong  as  RoboMon’s.You  can  obtain  most  of  the 
same  information  and  create  similar  charts  and 
reports  with  LogCaster,  but  it’s  missing  the  flexibili¬ 
ty  of  RoboMon.  As  with  RoboMon,  LogCaster  lets 
you  share  data  among  agents  using  ODBC,  which 
lets  you  run  reports  from  alternate  consoles.  Unlike 
RoboMon,  you  must  first  configure  LogCaster  to 
collect  desired  performance  characteristics  before 
you  can  create  any  graphs  and  reports.  While  not 
particularly  difficult,  the  interface  was  not  very 
intuitive. 

Enterprise  Monitor  and  RoboMon  let  you  customize 
text  reports  by  tapping  into  the  full  complement  of 
NT  event  and  service  data.While  Enterprise  Monitor 
allows  much  greater  flexibility  than  LogCaster  in  creat¬ 
ing  text  reports,  we’d  like  to  see  Enterprise  Monitor 
improve  its  graphic  reports. 

InterMapper’s  reports  aren’t  nearly  as  configurable 
as  those  of  the  top  three  products.  However,  Inter- 
Mapper  nicely  displays  the  load  on  the  network  inter¬ 
face,  which  it  obtains  via  SNMP  calls,  and  reports  on 
system  uptime. 

Similarly,  WhatsUp  Gold  reports  systems  that  are 
up  and  down,  and  not  much  else. While  the  program 
includes  an  SNMP  graphing  utility,  it’s  a  little  rough 
to  use  and  you  can’t  even  print  the  resulting  graph. 

WatchDog’s  reporting  features  are  the  least  devel¬ 
oped.  Inversion  3. 6,  WatchDog  shows  statistics  on  suc¬ 
cessive  polls,  the  number  of  failures  and  the  network’s 
current  state,  but  that’s  it. 


Consoles  and  the  Web 

The  use  of  multiple  consoles  and  the  inclusion  of 
Web  interfaces  make  it  much  easier  for  users  to  gain 
access  to  the  information  collected  by  these  programs. 

Enterprise  Monitor  is  extremely  easy  to  propagate 
across  your  network.  All  you  need  to  set  up  additional 
management  consoles  is  a  ffames-compatible  Web 
browser.  During  setup,  you  can  make  system  availability 
open  to  public  view,  if  you  wish.  Configuration,  report¬ 
ing  and  other  privileged  functions  require  a  user  name 
and  password. You  can,  of  course,  set  up  any  number 
of  users,  each  with  varying  permissions.  But  the  real 
beauty  of  this  interface  is  that  there’s  virtually  no 
workstation  dependence;  you  can  get  to  a  manage¬ 
ment  console  from  anywhere. 

Enterprise  Monitor  installs  itself  as  an  NT  service 
and  is  ready  for  use  as  soon  as  installation  is  complete, 
as  long  as  the  Web  server  is  up  and  running. 

InterMapper  and  WhatsUp  Gold  provide  their  own 
Web  servers.  In  both  cases  we  found  the  Web  interface 
easier  to  use  than  the  console  for  many  basic  func¬ 
tions.  InterMapper  does  a  particularly  good  job  of  dis¬ 
playing  the  subnet  maps  that  it  creates  on  the  console. 
Likewise,  with  WhatsUp  Gold  you  can  create  new 
maps  from  the  Web  interface  and  activate  them  on  the 
main  console.  Again,  this  puts  virtually  no  restrictions 
on  the  workstation.  Security,  however,  is  a  bit  more  lax 
for  InterMapper,  which  restricts  access  based  on  IP 
address,  and  WhatsUp  Gold,  which  restricts  access 
based  on  a  single  password.  For  both  systems,  you 
either  have  access  or  you  don’t;  there  is  no  granularity. 

RoboMon  has  a  Web  interface,  but  it’s  much  more 
limiting  than  the  console. You  can  see  most  of  the  NT 
event  logs  and  other  statistics  collected  by  the  sys¬ 
tems,  and  you  can  install  multiple  consoles  on  different 
machines  throughout  your  network.  But  even  though 
the  agents  run  on  other  platforms,  RoboMon  requires 
you  to  put  the  console  on  a  Windows  NT  system  on  an 
Intel  platform. 

LogCaster  doesn’t  have  a  Web  interface  but  allows 
you  to  install  multiple  consoles  throughout  your  NT 
network.  WatchDog  doesn’t  have  a  Web  interface 
either,  nor  can  it  support  another  console.  Instead,  if 
you  want  to  use  WatchDog  in  another  place,  you  have 
to  install  and  configure  it  there. 

Getting  started 

MediaHouse  Software  provided  us  with  a  printed 
copy  of  Enterprise  Monitor’s  documentation,  but  admit¬ 
ted  that  it  normally  does  not  supply  this  to  customers. 
After  we  installed  the  program  we  realized  why:  Docu¬ 
mentation  is  well  integrated  into  the  program’s  virtual 
console,  including  a  unique  checklist  posted  at  the  top 


of  the  interface.The  checklist  consists  of  six  items  that 
make  using  the  program  much  more  efficient,  but  are 
not  mandatory.  Each  item  remained  in  view  as  a 
reminder  until  we  completed  it. 

RoboMon  was  a  bit  more  difficult  to  install  than  the 
other  programs,  mainly  due  to  its  capabilities.  As  the 
only  product  that  relied  on  its  agents,  it  needed  to 
know  what  each  agent  was  keeping  statistics  for 
before  the  program  could  be  used.The  documentation 
that  accompanied  RoboMon  was  by  far  the  most 
exhaustive.  But  to  really  take  advantage  of  the  pro¬ 
gram,  you  need  it. 

LogCaster  took  the  most  time  to  install  but  was  still 
pretty  quick;  within  15  minutes  the  management  con¬ 
sole  was  available  for  use.  LogCaster  ties  deeply  into 
NT  and  required  some  additional  configuration  before 
it  was  ready  for  use.  It  is  the  only  product  that  doesn’t 
allow  you  to  perform  any  management  functions  until 
you  log  on  as  a  valid  user. The  documentation  was  ade¬ 
quate,  but  not  as  detailed  as  we  would  have  liked. 

Hands  down,  InterMapper  was  the  easiest  program  to 
install.The  only  contender  that  ran  on  the  Macintosh 
platform,  it  was  also  the  only  product  that  we  installed 
simply  by  launching  the  program.The  printed  documen¬ 
tation  was  a  little  thin,  however.  You  can  access  addition¬ 
al  documentation  over  the  Web,  but  InterMapper’s  on¬ 
line  documentation  isn’t  as  tightly  integrated  as  that  of 
Enterprise  Monitor. 

Installing  WhatsUp  Gold  was  a  brief,  straightforward 
procedure.  We  simply  told  the  program  where  to  install. 
While  there  wasn’t  a  setup  procedure,  adding  systems 
to  be  monitored  was  an  intuitive  process.  If  you  do  have 
questions,  the  concise  manual  is  easy  to  follow. 

Installing  WatchDog  was  a  simple,  quick  process. 
Even  though  its  interface  is  intuitive, WatchDog’s 
printed  documentation  is  very  thin.  Help  files  fill  in 
the  blanks. 

All  things  considered,  each  product  has  its  place.  If 
you  have  Macintoshes  in  your  shop,  you  should  take  a 
look  at  InterMapper.  For  smaller  shops  or  the  budget- 
constrained,  WhatsUp  Gold  and  WatchDog  are  excel¬ 
lent  at  keeping  tabs  on  the  basics.  But  midsize  to  large 
shops  will  want  to  tap  into  the  power  that  RoboMon, 
LogCaster  and  Enterprise  Monitor  have  to  offer.  Enter¬ 
prise  Monitor’s  monitoring  features  are  the  strongest  of 
the  lot  —  you  can  get  to  them  from  almost  anywhere, 
and  your  notification  options  are  plentiful. 

Berkley  is  the  LAN  Support  Supervisor  with 
Computing  Services  at  the  University  of  Kansas.  His 
department  provides  contract  support  campuswide 
on  a  variety  of  platforms.  He  can  be  reached  at 
berkley@ukans.  edu. 


Vendors  propose 
monitoring  and 
alerting  scenarios 


Sometimes  the  only  way  to  decide  on  a 
product  is  to  see  exactly  how  it  would 
fit  into  your  network.To  help  you  nar¬ 
row  your  network  monitoring  choices, 
we  asked  our  Buyer’s  Guide  vendors  to 
respond  to  a  request  for  proposal  (RFP) 
prepared  by  the  Tolly  Group.The  RFP  outlines 
the  needs  of  a  fictional  company  considering 
network  monitoring  and  alerting  software.The 
goal  of  the  company  is  to  automate  system 
checks  and  free  up  network  person¬ 
nel  for  less  nuin-  dane  tasks. 

To  find  out  ~  what  the  ven¬ 

dors  recom¬ 
mended,  head 
online  to  Network 
World  Fusion’s  RFP  Central 
You'll  find  the  RFP  and  de¬ 
tailed  responses,  including 
pricing.  DocFinder:4325. 

Planning  to  invest  in  a  Gigabit  Ethernet 
backbone  switch?  Send  your  RFP  to  sgittlen® 
nww.com  by  Sept.  10.  If  yours  is  selected, 
we  ll  get  some  advice  for  you  from  our 
upcoming  Buyer’s  Guide  vendors. 
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CONFERENCE  AND  EXHIBITION 

For  the  Enterprise  and  Service  Provider  Markets 


NETWHRLD  rf  /  EXPO 

+INTEROP  comm 

GEORGIA  WORLD  CONGRESS  CENTER 

Atlanta,  Georgia  I  September  13-17,  1999 


If  the  network  is  the  backbone- 
guess  that  makes  you  the  brains 


Don’t  Miss.- 


Feed  your  brain  at  NetWorld+Interop  99  Atlanta 


•  Conferences  on  Networking  and  Service 
Provider  Solutions 

•  One-Day  Programs  on  VPN,  Voice  over  IP, 
Optical  and  Network  Forensics 

•  Over  50  in-depth  Tutorials  and  Workshops 

•  Completely  redesigned  InteropNet  Event 
Network  and  Labs 

•  Solutions  Pavilions  on  Convergence, 
Security,  Linux,  xDSL  and  Web 
Technologies 

•  Exhibits  from  over  500  of  the  world's  lead¬ 
ing  Networking,  Telecommunications  and 
Internet  Technology  suppliers 


When  it  comes  to  providing  infrastructure  solutions,  NetWorld+Interop 
has  always  been  ahead  of  the  curve.  We’ll  help  you  discover  new 
technologies,  implementation  strategies  and  network  management 
ideas  to  support  your  business  transformation  for  tomorrow. 

Find  answers  to  infrastructure  challenges,  such  as  Voice  over  IP, 
Security,  Optical  and  QoS,  as  well  as  Internet  Commerce,  convergence 
strategies  for  data,  voice  and  video  and  the  latest  information  about 
packet  switching. 

If  you  need  answers  today,  there’s  only  one  conference  and  exhibition 
that  gives  you  the  most  up-to-the-minute  information — 
NetWorld+Interop  99  Atlanta. 


ZIFF  DAVIS 

,1  S  O  F  T  HANK 
company 

©1999  ZD  Events  Inc.  All  rights  reserved. 
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Cool  Tools 


Quick  takes  on  high-tech  toys 


Lee  Schlesinger,  Test  Center  Director 

Go  TO  YOUR  EROOM 


8  usually  reserve  this  space  for 
interesting  little  products  de¬ 
signed  to  make  your  life  easier  and 
more  fun.  Well,  here’s  an  interesting 


big  product  about  which  you  can  say 
the  same  thing. 

Instinctive  Technology’s  eRoom  is 
software  that  fosters  collaboration 


among  members  of  a  project  team 
using  Microsoft’s  Internet  Infor¬ 
mation  Server  on  a  Windows  NT 
Server  host.  The  software  lets  you 
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1 .  First,  select  an  issue: 

f - 


2.  If  you  know  the  items' 


Or.  search  by  category: 

Network  Herdwert 
Network  Soft  wen 
Network  Services 
Intemet/IatraaetrE -Commerce 

Computer  Htrdwere 


NetWOrkWorld  InfoXpress  is  reader  service  at  its  best 
An  online  service  designed  to  furnish  readers  with  a  quick  and  easy  way  to 
request  information,  NetWOfkWofld  InfoXpress  offers  readers: 

■  Easier  access  to  more  relevant  information. 

H  24 -hour  service. 

3  The  ability  to  search  for  information  by  reader  service  number,  advertiser  name  or  product  category. 

H  Flexibility  in  requesting  information  via  mail,  email,  telephone,  fax  or  linking  to  the  advertiser  Web  page. 
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AT&T's  new  promise: 
One  line  will  do  it  all 


Network  World.  Inc..  Th«  Meadows.  161  Worcester  Road.  Framingham.  MA  0 
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share  documents  and  modify  them 
with  version  tracking,  maintain  a 
group  e-mail  box,  hold  threaded  dis¬ 
cussions,  conduct  polls,  perform  basic 
workflow  tasks  and  use  instant  mes¬ 
saging.  You  can  keep  a  task  or  to-do 
list,  which  you  can  synchronize  with 
Microsoft  Outlook  task  lists. 

Easy  administration 

For  a  product  with  this  level  of 
functionality,  eRoom  is  surprisingly 
easy  to  administer.  It’s  also  less  work 
for  the  network  management  staff 
because  anyone  who  creates  an 
eRoom  becomes  its  administrator, 
leaving  you  to  handle  only  the  initial 
setup  of  authorized  users.  Installing 
the  product,  which  runs  as  an  NT  ser¬ 
vice,  is  a  breeze. 

To  a  user,  an  eRoom  looks  like  just 
another  Web  page,  but  there’s  magic 
behind  it. You  can  drag  and  drop  fold¬ 
ers  and  documents  into  an  eRoom, 
which  copies  them  to  an  area  where 
anyone  can  access  them.  Unfortunate¬ 
ly,  you  can’t  simply  point  to  a  docu¬ 
ment  in  a  different  directory;  your  live 
copy  must  live  within  an  eRoom. 
However,  you  may  be  able  to  get  an 
application  developer  to  use  In¬ 
stinctive’s  API  to  write  a  connector 
for  an  external  repository,  and  there¬ 
after  send  information  to  a  designated 
external  area.  Currently,  Instinctive 
offers  a  connector  for  exporting 
items  to  Microsoft  Exchange  public 
folders. 

Users  can  interact  with  eRoom  on 
the  server  using  pure  HTML,  but  I  rec¬ 
ommend  using  Instinctive’s  client 
plug-in;  it  takes  no  more  than  a  few 
minutes  to  download,  installs  effort¬ 
lessly  and  adds  a  bit  of  clarity  to  the 
user  interface. 

A  worthwhile  plug-in 

If  you  use  the  plug-in,  you  can  dou¬ 
ble-click  to  edit  a  document,  or  right- 
click  on  an  icon  to  get  a  context-sen¬ 
sitive  menu  of  operations  you  can 
perform  on  that  object.  The  plug-in 
also  gives  you  a  more  full-featured 
navigation  panel. 

You,  or  an  eRoom  administrator, 
can  give  users  several  levels  of  securi¬ 
ty  to  allow  for  different  levels  of  par¬ 
ticipation  in  activities,  such  as  partici¬ 
pant.  observer  and  coordinator. 

True,  the  price  is  high,  but  so  is  the 
level  of  functionality  eRoom  pro¬ 
vides.  For  organizations  that  are  team- 
oriented  and  committed  to  NT  Server 
and  Microsoft  Office,  eRoom  provides 
a  collaboration  platform  that’s  simple 
yet  powerful.  E 

Net  Results 

eRoom  4.0 

Instinctive 
Technology 
(617)  497-6300 
tvww.eroom.com 

Price:  Of  9. 995  sen  vr;  $199  per  client 
Bottom  line;  great  tool  for  Web 
collaboration. 
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shouldn’t  your  test  lab  share  that  pioneering  attitude?  But  how  can 


you  stay  ahead  of  the  competition — and  in  front  of  your  customers — if  your  testing 
partner  doesn’t  share  your  drive  and  determination? 


That’s  never  an  issue  at  The  Tolly  Group,  the  networking  industry’s  premier  indepen¬ 
dent  test  lab.  Throughout  its  ten-year  history,  The  Tolly  Group  has  consistently  been 
the  first  to  test  emerging  products  and  technologies — typically  creating  the  methodolo¬ 
gies  used  by  other  testing  firms.  What’s  more,  we’re  known  internationally  as  an 
industry  leader:  identifying  issues  for  our  constituency  and  putting  our  reputation 
on  the  line  for  what  we  believe  in. 


Now  we’ve  taken  this  culture  of  leadership  and  applied  it  to  a  new 
challenge:  the  task  of  finding  the  best  testing  partner  for  your  specific 
needs.  To  help  you  make  this  difficult  decision,  The  Tolly 
Group  has  prepared  a  white  paper  on  the  selection  process, 
complete  with  lab  evaluation  checklist.  You  can  find  it  on 
our  Web  site  at  www.toIIy.com/lab-eval 
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Client/Server  Labs. ..the  Leader  in  load,  capacity  and  stress  testing  for  the  Web 


Voice  678.250.1100 


CLIENT/SERVER  LABS 


anagement 


Career  Development,  Project 
Management,  Business  Justification 


Strategies 


Procurement 
portals  for  IT 


Online  marketplaces  offer  one-stop  shopping 
for  network  hardware  and  services. 


Keith  Langford  of  Merrick 
Printing  points  and  clicks 
his  way  through  portals  for 
key  product  information. 


ing  that  he  wouldn’t  want  a  plethora  of  e-mails  from 
vendors  he  investigated. 

If  it’s  vendor  interaction  you’re  after,  portals  are 
the  place  to  go.Telezoo.com  lets  you  build  a  virtual 
request  for  proposal  that’s  sent  to  appropriate  partic¬ 
ipating  vendors.  And  when  you  need  to  procure  data 
network  services,  convenience  is  the  name  of  the 
game  at  telcoexchange.com.  The  portal  lets  you  cal¬ 
culate  pricing  for  various  ’Net  and  digital  line  ser¬ 
vices  and  speeds  —  if  you  find  a  deal  you  like,  you 
can  order  online. 

Moreover,  some  portals  aim  to  help  you  with  job 
shopping  and  hiring  needs.  Computingcentral. 
msn.com  and  telezoo.com  let  users  search  and  post 
job  listings.  This  type  of  value-added  service  can  help 
drive  traffic  as  network  professionals  look  for  better 
opportunities  or  struggle  to  fill  positions. 

What  these  sites  don’t  do  is  provide  any  type  of 
hands-on  information  about  how  the  gear  will  fit  into 
an  enterprise  network.  For  this,  you’ll  have  to  go 
directly  to  the  vendor.  And  no  matter  what  channel 
you  use  to  purchase  network  equipment,  you’ll  proba¬ 
bly  want  to  try  it  before  you  buy  it. 

Merrick  Printing’s  Langford  would  be  hesitant  to 
implement  any  hardware  that  hadn't  gone  through 
extensive  evaluation  in-house. 

“I’m  going  to  do  a  lot  of  research  and  testing  before 
I  introduce  anything  that  might  have  an  effect  on  the 
performance  or  stability  of  my  network,”  he  says. 

Jacobs  is  a  freelance  writer  in  Dover,  N.H.  She  can 
be  leached  at  ajacobs777@aol.coni. 


BY  APRIL  JACOBS 

Internet  portals  for  business-to-business  electronic 
commerce  are  springing  up  everywhere,  and  there 
are  a  handful  of  IT-oriented  portals  competing  for 
your  attention  and  dollars.  These  sites  make  it  easy 
to  research,  compare  and  buy  products  online. 

For  example,  telezoo.com  offers  an  online  market¬ 
place  for  network  and  telecommunications  equipment 
and  data  network  services,  and  access  to  systems  inte¬ 
grators  that  can  help  put  it  all  together.  Portals  such  as 
computingcentral.  msn.com,  pulsewan.com  and  telco 
exchange.com  provide  similar  features  (see  graphic). 


But  as  appealing  as  the  con¬ 
cept  of  one-stop  shopping 
sounds,  it’s  too  early  in  the 
game  to  tell  if  portals  will  ring 
up  many  sales. 

“These  sites  are  useful  in  let¬ 
ting  people  do  comparisons,” 
says  Tim  Albrecht,  IS  manager 
at  industrial  supplies  retailer 
Fastenal  in  Winona,  Minn. 

While  Albrecht  has  used 
portals  to  research  products, 
he  isn’t  convinced  his  col¬ 
leagues  will  buy  into  the  idea, 
pointing  out  that  large  companies  need  to  carefully 
screen  network  and  telecommunications  products  for 
performance  and  interoperability  issues. 

Some  portal  hosts,  such  as  pulsewan.com,  aim  to 
address  buyers’  questions  by  posting  resources  such 
as  a  directory  of  systems  integrators  and  their  areas  of 
expertise,  and  white  papers  that  address  complex 
technical  issues.  The  sites  also  offer  products  from  sev¬ 
eral  vendors,  increasing  the  likelihood  that  you’ll  be 
able  to  find  something  that  meets  your  needs. 

At  computingcentral.msn.com,  for  example,  you 
can  view  product  specifications  from  multiple  ven¬ 
dors,  as  well  as  access  related  news  and  review  infor¬ 
mation.  And  telezoo.com  lets  you  compare  gear  in  a 
side-by-side  custom  presentation,  which  helps  you 
find  what  you’re  looking  for  without  being  over¬ 
whelmed  by  information. 

Keith  Langford,  IS  coordinator  at  Merrick  Printing 
in  Louisville,  Ky.,  has  explored  a  few  IT  procurement 
sites  and  finds  them  useful.  “I  narrow  my  list  down 
based  on  what  I  see.  I  may  even  find  new  things  that  I 
didn’t  see  before,”  he  says. 

Likewise,  another  IT  professional  says  portals  make 
it  easier  to  research  products.  “With  the  number  of 
products  and  vendors  out  there  today,  nobody  can  pos¬ 
sibly  know  all  of  them  anymore,”  says  Paul  Maszczak, 
corporate  director  of  IT  at  C.R.  Bard,  a  financial  institu¬ 
tion  in  Summit,  N.J.  However,  Maszczak  raises  a  poten¬ 
tial  negative  —  privacy  issues. 

“If  these  sites  are  going  to  be  successful  to  any 
degree,  it’s  going  to  be  very  important  that  people  can 
remain  anonymous  when  visiting  them,"  he  says,  not¬ 


Just  browsing 


•  www.computingcentral.msn.com  Geared  toward  the  general 
IT  community,  this  portal  offers  one-stop  shopping  and  a  host 
of  resources  pertaining  to  networks  and  careers.  The  downside 
is  that  the  site  sends  you  to  individual  vendors'  Web  pages, 
which  makes  it  tough  to  compare  products. 

•  www.portals.net  Can't  find  what  you're  after?  Check  this 
portal  Yellow  Pages.  While  the  site  is  a  useful  resource,  it  can 
be  somewhat  difficult  to  navigate. 

•  www.pulsewan.com  A  portal  for  everything  from  ATM  to 
wireless  gear  and  services,  pulsewan  provides  good  comparative 
data  along  with  listings  of  training  programs  and  systems 
integrators.  However,  you  can't  actually  buy  anything  online  here 
—  the  site  refers  you  to  the  nearest  Pulse  reseller. 

•  www.telcoexchange.com  This  telecom  products  and  services 
site  has  a  fairly  simple  Internet  and  data  network  services  pricing 
tool  that  lets  you  compare  rates  and  review  packages.  You  can 
also  procure  services  online  and  track  your  order  electronically. 

•  www.telezoo.com  This  online  emporium  of  all  things  telecom 
offers  interactive  product  comparisons,  white  papers,  a  discussion 
forum  and  directory  of  systems  integrators.  What's  more,  the 
site's  job  listings,  resume  tips  and  directory  of  telecom  degree 
programs  may  help  you  advance  your  career.  But  like  most 
portals,  the  number  of  participating  vendors  is  limited,  and  you'll 
need  to  go  offline  for  expert  advice. 


Online 


1  Handy  links  to  portals 
for  network  gear  and 
services. 
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Attn  Employers: 


Qualified  Employees 


no  fee 


Looking  for  dynamic,  intelligent,  skilled  personnel  with  experience,  call  Council  Of  Jewish  Organizations 
of  Hatbush,  Inc  At  COJO  of  Flatbush/ATCl  we  have  specialized  training  programs  for  professionals.  The  four 

industry  related  courses  we  teach  AutoCAD  ver.  14,  LAN  Technology  (NOVELL),  Website  Design  and 
Programming  Development,  and  Database  Development  Programming. 


[  Experienced  Professionals  with  backgrounds  in  the  following  areas: 

Technical  Designers 

Mechanical  or  Structural  Engineers 

Technicians  or  System  Designers 

Architectural  Professionals 

Website  Design 

Support  Technicians 

Mechanical  and 

Emphasis/Internet  Programming 

Help  Desk 

Manufacturing  Professionals 

Programmer  Analysts 

Networking  Administrators 

Civil 

Systems  Analysts 

System  Designers 

|  Electrical 

Methods  Analysts 

Database  Development 

As  an  integral  part  of  our  training  and  employment  program,  sponsored  by  the  New  York  City  Department 
of  Employment,  we  at  COJO  of  Flatbush  offer  qualified  employees  to  meet  your  employment  needs,  at  no 
fee.  We  will  properly  match  professional  skills,  past  work  experience  and  personal  interests  to  meet  your 
present  employment  requirements.  All  you  have  to  do  is  call  us  and  you  will  have  immediate  access  to 
an  unlimited  wealth  of  talented  minds  with  high  work  ethics. 

FOR  POSITIONS  YOU  ARE  PRESENTLY  INTERVIEWING  PLEASE  FAX  A  JOB  DESCRIPTION 
TO  (718)  258-8696,  ATTN:  NOLAN  RHODES,  or  CALL  (718)  252-5854. 

Council  Of  Jewish  Organizations  of  Flatbush,  Inc.  •  1 550  Coney  Island  Avenue,  Brooklyn,  N.  Y.  11 230 

email:  nolanrhodes@erols.com 


Paramount  Software  Solutions, 
Inc  has  a  need  for  Software 
Engineers/Technical  Business 
Analysts:  To  analyze,  design, 
develop,  maintain,  test  and 
support  Internet/Intranet,  E 
commerce  and  client/server 
applications  using  Rambaugh, 
OMT  and  OMT  tool  on  Unix, 
Windows  NT,  AIX,  Oracle, 
Java,  OOAD,  C++,  Corba, 
OMT,  Java  RMI,  Solaris, 
Linux  platforms;  ADA, 
Persistence,  Web  Server  exten¬ 
sions  (NSAPI),  AWT,  Netscape 
Enterprise  Web  Server,  Apache, 
Visibroker,  Objectstore 

OODBS,  Swing,  HTML, 
XML;  Java  applets  and 
servlets,  Netdynamics,  Java 
Web  Server  &c  IIS.  Must  have 
MS  8c  lyr.  exp.  or  BS  3yrs. 
Exp.  $60,000/yr.  Send  resume 
to  HR  Dept,  Paramount 
Software  Solutions,  Inc,  2000 
Powers  Ferry  Rd,  Suite  300, 
Marietta,  GA  30067 


Database  Administrator:  MSCS 
w/  Oracle  Master’s  Cert.  +  1  yr. 
exp.  veri.  work  refs.  Design  & 
imple.  backup  &C  recovery  of 
Oracle  on  HP  Unix  &  NT.  Set 
up  SQL*Net.  Unix  admin,  inch 
logic  vol.  mgt,  using  Shell  Script 
&  Perl.  Database  design,  imple. 
security  mgt.  inch  SGA,  Row 
Migration  &  Chaining. 
Monitor  RDBMS  &  write  trig¬ 
gers,  using  PL/SQL,  Java  & 
CGI.  Analyze  sys,  capacity  for 
applic.  40hr/wk,  job  loc.  in 
Monroe,  NC.  Send  resume  to 
Box  9172-NC  c/o  Network 
World,  161  Worcester  Rd., 
Framingham,  MA  01701-9172. 


LEVEL  ONE  SOFTWARE  ENGINEER.  Localize  and  evaluate 
Lexmark  Ink  Jet  and  Laser  products  with  Japanese  PC  hardware 
platforms,  Japanese  PC  operating  systems  and  Japanese  PC  appli¬ 
cations.  Establish  Japanese  PC  and  Network  environments  and 
recommend  changes  required  in  Lexmark  products  for  these  envi¬ 
ronments.  Work  on  joint  development  projects  with  Japanese 
printer  companies  to  customize  and  localize  current  Lexmark 
products  for  the  Japanese  marketplace  by  modifying  printer  dri¬ 
vers  and  printer  firmware  software  using  C  and  C++  program¬ 
ming  languages.  Understand  and  develop  user  interface  software 
function  for  Japanese  users  and  specify  necessary  application 
modifications  to  enable  support  for  double-byte  development.  40 
hrs/wk.  B.S.  in  Engineering  or  Computer  Science.  Must  be  able  to 
speak,  read  and  write  Japanese.  Must  have  legal  authorization  to 
work  permanently  in  the  U.S.  $3, 274. 34/month.  Submit  resumes 
to:  Ginny  Burton,  Department  for  Employment  Services,  275  East 
Main  Street  2W,  Frankfort,  Kentucky  40621.  Ref.  #661.  An  Equal 
Opportunity  Employer. 


Left! 


Don't  miss  your  opportunity  to  participate  in 


The 


Career  Fair 

at  NETW#RLB^3NTEROP 


Particioatinu  Companies  to  date: 

Agere,  Inc. 

Frontier 

AT&T 

International  Network  Services  (INS) 

AT&T  Solutions 

IPivot  Inc. 

Axis 

Level  One  Communications,  Inc. 

The  Boeing  Company 

Nortel  Networks 

Cable  &  Wireless 

Sprint  Paranet 

Concord  Communications 

Total  Network  Solutions 

Equant 

Fidelity  Investments 

US  West 

Call  now  to  get  more  details! 
(800)  622-1108,  Ext.  7454 


NetwoikWorfii 


B23  LEADER 


IN  NETWORK 


KNOWLEDGE 


Print  ■  Qnlini  •  Events 


For  More 

Information  About 
Advertising  in 
Network  Careers 
1-800-622-1108 


ATM  Development  Engineer,  40 
hrs/wk.  8  am  to  5  pm.  $63,000/yr. 
Develop  Asynchronous  Transfer 
Mode  (ATM)  signaling  stack  of 
integrated  device  drivers  for 
Local  Area  networking; 
Upgrade  signaling  stack  by  fol¬ 
lowing  the  continual  evolution 
of  related  ATM  Forum  and 
International  Telecom  Union-T 
specifications;  Provide  input 
toward  ATM  Forum 
Specifications  balloting  and 
drafting.  Requires  Master’s 
degree  in  Telecommunications 
or  Computer  Science  and  1  year 
experience  in  job  offered  or  3 
years  experience  in  a  Computer 
Related  Field  to  include  ATM 
Networking  Protocol  and  1  year 
in  C/C++  and  Unix  Kernel  pro¬ 
gramming.  Employer  will  accept 
Bachelor  s  degree  and  five  years 
of  related  progressively  respon¬ 
sible  experience  in  lieu  of 
Master’s  degree  and  job 
offercd/related  experience. 
Apply  at  the  Workforce 
Commission,  Dallas,  Texas,  or 
send  resume  to  1117  Trinity, 
Room  424T,  Austin,  Texas 
78701,  JO#TX  1006827.  AD 
paid  by  an  Equal  Opportunity 
Employer. 
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Network  managers  -  take  control! 


APC  MasterSwitch  ™:  the  right  answer  for 
remote  reboot  requirements 

Imagine  having  the  ability  to  power-on  and  power-off  sensitive 
communications  and  computer  equipment  instantly  in  a  remote 
office  800  miles  away  without  raising  an  eyebrow.  With  APC's 
MasterSwitch  ”,  you  have  no  reason  to  panic,  and  no  need  to 
dispatch  costly  service  people.  You  control  power  to  remote 
equipment  from  your  desktop  or  laptop  via  Web,  SNMP,  Telnet 
or  modem  connection. 

Today,  power  management  translates  directly  into  high  avail¬ 
ability.  For  network  operations,  the  ability  to  remotely  reboot 
locked  equipment  and  bring  each  device  back  on-line  quickly 
represents  a  big  boost  in  productivity. 

The  APC  MasterSwitch  saves  corporations  thousands 
of  dollars  a  year  by  eliminating  unnecessary  field 
service  technician  calls.  Test  drive  MasterSwitch  and 
see  what  APC's  Legendary  Reliability™  is  all  about. 
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MasterSwitch  benefits  include: 

•  Eight  independently  controlled 
switchable  outlets  for  remote 
rebooting  of  equipment 

•  Requires  only  1U  of  rackmountable 
space 


Visit  APC's  Web  site  today  to  receive  your  FREE 
APC  Network  Enhancement  Solutions  Kit  and 
test  drive  MasterSwitch  on-line  before  buying  I 

KEY  CODE 

http://promo.apcc.com  m995z 

CALL  (888)  289-APCC  x7579  •  FAX:  (401)  788-2797 


•  Provides  in  and  out-of-band  connectivity 
to  manage  devices  (Web,  SNMP,  Telnet 
or  modem) 

•  Tremendous  savings  on  costly  field 
technician  service  calls 


Legendary  Reliability' 


©1999  American  Power  Conversion.  All  Trademarks  are  the  property  of  their  owners.  MS2A9EP-US  •  PowerFax:  (800)  347-FAXX  •  E-mail:  apcinfo@apcc.com  •  132  Fairgrounds  Road,  West  Kingston.  Rl  02892 
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SNMPc  Enterprise 
Manager 

Distributed  management 
for  Windows  XT.  Supports 
remote  consoles  and 
polling  agents,  Web  Trend 


Network 

Management 

for  Microsoft  Windows 


Reporting  and  more. 

SNMPc  WorkGroup 
Manager 

Affordable  management 
lor  small  networks. 

With  an  installed  base 
of  over  60,000  copies, 
this  popular  tool  is  resold 
by  major  OK. Ms,  including 
Cisco  and  ACC. 


CastJe  Rack 

Computing 

Phone:  408.366.6540 
Fax:  408.252.2379 
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Introducing  the  Router  that’s  easier  to  configure. 


Web 
Browser 
Configuration. . . 
It’s  Easier! 

Introducing  The  Emerald,  a 
Frame  Relay  Access  Router  to 
replace  all  others.  Why?  Web 
Browser  Configuration!  Use 
Netscape  4.5  or  MS  IE  4.0  to 
set  up  and  configure  your 
Emerald.  The  Emerald  allows 
you  to  monitor  your  network 
from  your  desktop  using  the 
Web  Browser  you  use  every 
day.  For  less  than  the  price  of 
one  week’s  training  on  those 
other  routers,  you  can  be  up 
and  running  in  minutes! 


Call  800-223-9758  to  receive  a  FREE  demo  Emerald  to  try 
for  45  days.  If  you're  not  convinced  it’s  the  easiest  router 
you’ve  used,  send  it  back.  What  could  be  easier? 


_ Take  a  look,  you'll  like  what  vou  sec. 

American  Technology  800-777*551  lor  + 1-406-777-55 11  fax:  406-777-5512  email  info  (itatli  com 
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from  the  qu< 
for  network  t 
consulting 


Chesapeake  is  he  quality  lee  derm  Cisco  training.  An  impor¬ 
tant  reason  for  our  success  has  been  our  ability  to  offer  yc 
the  highest  quality,  custom  'zed  training  for  your  personal  or 
corporate  needs.  Building  on  this  heritage ,  Chesapeake  is 
proud  to  announce  that  we  now  offer  a  revolutionary 
web-based  training  service:  vLab".  Developed  by  Mentor  Labs, 
vLab  provides  online  access  to  real  Cisco  gear  and  lab 
content  written  by  networking  experts.  vLab  is  a  perfect 
complement  to  Chesapeake's  Instructor-Led  Training  and 
Consulting  services,  and  allows  us  to  offer  you  a  more  com¬ 
plete  solution  to  your  training  needs.  Contact  Chesapeake  at 
1-800-447-5967  to  discuss  how  we  can  best  serve  you. 


Visit  our  web  site  for  the  latest  information 
on  our  training  and  consulting  services. 
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PC  based  Video  Surveillance  System 
Live  Video  over  your  Network! 

View  64  Cameras  from  any  PC 
Monitor  Alarms  from  any  PC 


Video  Security  Management 
for  NETWORKS! 


ACI  International  Inc. 

www.aciconnect.com  Toll  free  (800)  267-2288 
Phone  (905)  660-4460  Fax  (905)  660-7544 
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Uninterrupted  Data  Flow. 


Dataprobe’s  circuit  protection 
and  redundancy  switches  will 
keep  your  network  from  going 
off  the  deep  end. 

Backup  WAN  links  and  data 
systems  for  your  critical 
operations. 


y 

v 

v 

y 


Protection  Switching  from  RS-232  to  DS-3 
Automatic  Loss  Detection  &  Switching 
Remote  Control  via  Phone,  Network,  Wireless 
Integrated  Alarm  Reporting  &  Positive  Feedback 


11  Park  Place  /  Paramus,  NJ  07652 
(201)  967-9300  /  www.dataprobe.com 
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Size  means  everything. 


gets  the  most 


inch,  By  any  measure,  Eastern  Research’s 
search  ~  Digital  Network  Exchange 

proves  that  good  things  do,  indeed, 
come  in  small  packages, 
bandwidth  Ollt  of  a  Occupying  just  10  inches  of  rack 

tight  situation.  space,  the  DNX  is  compact,  yet 

roomy  enough  to  house  Integrated  Access  Device  and 
DACS  capabilities  for  more  than  44  Tl/El  circuits. 
But  wait,  there’s  more.  The  DNX  offers  T3,  xDSL, 
data  and  voice  integration  for  maximum  flexibility. 

All  of  this,  plus  advanced  network  management  and 
the  protection  of  full  redundancy  enable  you  to  deploy 
with  confidence.  So  whether  you  are  a  network 
service  provider  or  a  corporate  end-user  pressed  for 
the  room  to  expand,  the  DNX  delivers  big-time 
results.  Today’s  performance,  tomorrow’s  capabilities 
-  an  intelligent  choice  by  any  measure. 


Reseated 


Products  as  Solutions 


225  Executive  Drive,  Moorestown,  NJ  08057  1-800-337-4374  609-273-6622 


E-mail:  info@erinc.com  http://www.erinc.com 
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5  Sterling  •  Irvine  •  California  92618-2517  •  (949)  586-9950  •  Fax:  (949)  583-9514 


leboot  your  Network  Equipment  via  Telnet,  Dial-Up  and  Local  Console 


Network  equipment  sometimes  "locks-up"  requiring  a 
service  call  just  to  flip  the  power  switch  to  perform  a 
simple  reboot.  The  NPS  Network  Power  Switch  gives 
network  administrators  the  ability  to  perform  this 
function  from  anywhere  on  the  LAN/ WAN,  or  if  the 
network  is  down,  to  simply  dial-in  from  a  standard 
external  modem  for  out-of-band  power  control. 

✓  TCP/IP  Security 

✓  Individual  Plug  Passwords 

✓  Dual  15  Amp  Power  Inputs 

✓  Eight  (8)  Individual  Outlets 

✓  Modem  and  Console  Ports 

✓  Co-Location  Features 

✓  115-VAC  and  230- VAC  Models 

✓  Modem  and  Telnet  Auto  Reset 


Individually 
Programmable 
Outlet  Plugs  (8) 


lOBase-T  Ethernet 
Interface 


1 9”  Rack  Brackets 
Allow  Front,  Back,  or 
Center  Mounting 


Dual  15  Amp 
Power  Circuits 


Modem  Port  for 
Out-of-Band 
Management 


□  western- 
D  telematic  inc. 


Local  RS232 
Console  Port 


(800)  854-7226  •  www.wti.com 
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•  Proven  Firewall  Technology 

•  Network  Address  Translation 

•  Unlimited  User  License 

•  High  Performance 

•  Transparent  Network  Access 

•  Easy  to  Configure  &  Operate 

•  Remote  Web  Based  Management 

•  Cost  Effective 

•  Time  Based  Access  Control 

•  URL  &  Content  Filtering 

•  Email,  Pager  &  SNMP  Trap  Alerts 

•  Email  Proxy 

•  ISDN,  xDSL  &  Cable  Modem  Support 

•  Win95/NT  Management  Client 

$  995.00 


1 -800-775-4GTA 

Web:  http://www.gnatbox.com 
Email:  gb-sales@gta.com 
Tel:  +1  -407-380-0220  Fax:  +1  -407-380-6080 
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2000  is  coming! 
Is  there 

something  missing 
in  your  network? 

©  Datum  Network  Time 


TymServe  2100  TymServe  2t 

To  find  out  why  network  time  has  become  an  essential  ei< 
of  today's  networks,  give  us  a  call  at  408/578-4161  or  visit  < 
web  site  at  www.datum.com. 
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Unbeatable 


Tired  of  second-rate  products  and  services?  Choose  a  BLACK  BOX’  ServSwitch  and  start 
saving  with  the  best  KVM  switch  on  the  market.  We  have  the  broadest  product  line,  and 
we  back  it  up  with  the  most  comprehensive  support  services  in  the  industry.  Other 
companies  simply  can't  offer  the  same  free  consultations,  expert  24-hour  tech  support,  and 
unbeatable  warranties.  At  Black  Box,  they're  part  of  the  package. 

Don't  settle  for  second  best  when  you  can  have  ServSwitch. 

Expect  more.  Save  more.  Choose  BLACK  BOX. 


Call  us  for  a  free  consultation  at  724-746-5500  and  start  saving  with  ServSwitch. 


#331  @  www.networkworld.com/lnfoxiircss 


For  Free  Product  lnfo» 


T1/E1  CHANNEL  BANKS  ROUTERS  CSU/DSUs 


IN  STOCK 

3624  |LeS)IACKA6ER/12 
HE 


. 


NEWBRIDGE  3624  MAINSTREET  CHANNEL  BANK 
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Be  a  part  of  Network  World's  N+l  Planning  Guidj 
Issue:  Sept.  6  ♦  Ad  Close:  Aug.  25 


#233  @  www.networkwortd.com/infoxpress 


For  Free  Product  Info  •  www.networkworld.com/infoxpss 
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546  Valley  Way  Milpitas,  CA  95035 
Ph:  1.800.200.9881  Fax:  408.263.9883  sales@kansmen.com 
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LittleBrother 

"Little  Brother  is  watching  you  use  the  Internet" 


~.METROCOM=  SSr 496'6500 

COMMUNICATIONS,  INC  www.metrocominc.com 


ARE  YOU  Y2K  COMPLIANT?? 
UPGRADE  NOW! 


00 

iJ.il  - 


FRAME 

RELAY 


ROUTER 


ORDER  TODAY 
SHIP  TODAY 


AT  HOME, 
HOW  YOU 
SURF  IS 
YOUR 

k  BUSINESS. 

L 


AT  WORK 
IT  S  OURS. 

Immediately 

increase 

productivity. 


Monitor 


report 


on 


or 


block  all 


Internet  access 


OVERNIGHT 

ADVANCE 

REPLACEMENT 


CHICAGO 


OBSERVER 


‘  T  TT— Y— - i - T—T  c  T - T -  “  fTTT- 

AND  PROTOCOL 
analysis  SOFTWARE 


c=r->  r-rtoc 


(T  CAN  SSE  ALL  PORTS 
ON  YOUR  SWITCH, 

Bflggg..1 . .  f 11  


Observer  identifies  network  trouble  spots,  and  costs 
thousands  less  than  expensive  hardware-based 
analyzers.  If  you  have  network  slowdowns  would  you 
know  if  they  are  being  caused  by  packet  errors, 
broadcast  storms  or  overloaded  utilization?  Find  out 
with  Observer  or  Distributed  Observer. 

•  Full  packet  capture  and  decode  for  over  300 

protocols,  including  TCP/IP  (v4  and  v6), 
NetBIOS/NetBUEl,  iPX/SPX.  Appletalk,  SNA, 

and  DECnet. 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  the  entire  switch  or 
packet  capture  from  any  port  or  portsFinally  a 

protocol  analyzer  that  can  be  used  in 
switched  environments! 

•  Long-term  network  trending  collects  statistical 
baseline  data  for  days,  weeks,  months  or  years 
for  review  and  reporting. 

•Distributed  version  available  for  $1290  (includes 
1  local  and  1  remote  Probe).  Additional  Probes 
are  $295  per  local  or  remote  segment  or  switch. 

•  Network  Instruments’  optimized  ErrorTrack™ 

NDIS  drivers  display  true  errors-by-station. 

Includes  collision  expert. 

•  Track  router  utilization/traffic  in  real  time 


•  Ethernet  (10/100/1000),  Token  Ring,  FDD I 


ISPRVER* 

rtNSIONR 


's  See 


WliffllnTT  '  ‘ 

EXPERT  FOP 
OBSERVER* 
,  $495 

SIM  (VIP  EXTENSION 
FOR  OBSERVER' 
$495 


WEB  EXTENSION 
FOR  OBSERVER1 
$495 

RIVIONCS)  EXTENSION 
FOR  OBSERVER" 
$495 


See  what  you  have  been  missing!  Call  800-526-7919  for  a  FREE  DEMO  or  download  from  our  web  site. 

|i/ww.networkinstruments.com 

,  ©  1 999  Network  Instruments,  LLC  -  Corporate  Headquarters  (612)  932-9899  FAX  (61 2)  932-9545 

UK  and  Europe  +44  (0)  1322  303045  FAX  +44  (0)  1322  303056  info©notworktnshumenls  com  www.networkmstruments.com 
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If  your  company  is  planning  to  exhibit  at  NetWorld+Interop  in  Atlant 
then  the  Network  World  Planning  Guide  is  a  must! 

Get  extra  exposure  in  this  pre-show/planning  guide  issue  and  pave 
the  way  for  increased  traffic  at  your  booth. 

Call  your  sales  rep  for  details  or  email  us  at 
directresponse@nww.com. 

TEL:  800-622-1108  ext.  7507  or  FAX:  508-628-3976 
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r  &  KVM.Switches@Cost 

£)eaiets  Introducing  the  KVM  Systems  Store 

Purchase  any  compatible 
Keyboard/Video  and  Mouse 
Switch  “At  Our  Cost”  when  you  I 
purchase  The  KVM  Cable  in 
quantities  equal  to  the  number 
of  switched  ports. 

Make  your  purchase  on  our 
secured  web  server,  and  we’ll 
even  give  you  a  break  on  the 
price  of  the  cables 

Up  to  25%  off 
The  KVM  Cable  ! 

http://www.kvmsystems.com 


The  KVM  Cable 
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Article  Retrints  /Tom 


ASK  FOR  OUR  10%  TRADE  SHOW  UPGRADE 


w  r.v  cov'xn'. 


ESI  LEADER 
IN  NETWORK 
KNOWLEDGE 

Print  'Online  Events 

AN  IDG  COMPANY 


can  help  your 


High  impact  article  reprints  from 
company  in  many  ways: 

.  Reprints  can  increase  EXPOSURE  for  your  product  or  service. 
.  Reprints  are  unique  and  unbiased  —  they  pack  CREDIBILITY! 

.  Reprints  make  great  SALES  tools  for  trade  shows,  mailings. 

or  media  kits. 


FOR  MORE  INFORMATION  CALL: 


REPRINT 

MANAGEMENT 

SERVICES 


Ray  Trynovich 

717.399.1900 

1811  OLDE  HOMESTEAD  LANE 

LANCASTER,  PA  17601 

FAX:  717.399.8900 

website  http:  www.rmsrcprints.com 

email:  sales@rmsreprints.com 


:or  details  on  how 
:o  put  your  ad  here 


Enku  Gubaie 
1-800-622-110S 


abletron  Bay  Networks 


Cisco  Specialists 


Com  Micom  Adtran  H/P 

■e  carry  all  manufecfcrs's  cal  as*  tr  sse?. 


Ware  r  _SA 


actory  Direct 

themet  Converters, 
anscervers,  Repeaters 
Switches 


berdyne 


10BASET-106ASE-FL  $145 
AUI-10BASE-R  119 

10CTX-100FX  Cocrrerter  319 
KJT-10FL  Single  409 

10Fl-10a  Repeater  374 

10FLMM-10R  $M  SSfi 

10R-10R  Repeater  SU  535 

J/100TX-100FX  2  port  switdi  W  2S4 

5/100TX-100FX  2  port  swtfch  SU  595 

)  Slot  Chassis  10T-10R  S123  per  pert 

0  Slot  Chassis  100TX-100FX  S254  Xf  port 


www.fiberdyne.com 


Ifiberdyne  LABS,  INC. 

11  Busi"e«  Part  Dt  PrmtS or.  *T  1 XM 
I  (315)  895-8470  Fa  1J15  MS-tOi 


www.netwottmwM  f 


The  First  Name  in  Second  Source 
Networking  Equipment 

BUY,  SELL, 
LEASE/RENT,  TRADE 


Roaters,  Hubs,  Switches,  Comm,  Servers 


BAY  NETWORKS,  3COM, 
ASCEND,  LIVINGSTON,  XYPLEX 


‘t\ 1  ape  re  ztrx^s~ >  rf  rer  ^=sceciv=  omre r~ 


swa  Sxetr  •  Prascc:  mrrr,  ■  kognssm  Proeg 


FAX;  612-944-3534 
VOICE;  612-944-3440 
Email:  saJes@interiinkcom.com 
http://vwrw.interiinkcom.coni 

Interlink  COW  M ' JNSCAHCXS 

7".  •  .  ■  ?•  V.  --  •••-  -  SD.  ::-44 
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NETWORK  HARDWARE 


Our  IS  An  of  Enccptional  Service 

Routers  •  Switches  •  T1/T3  DSU/CSU 
Access  Servers  *  Cables  •  Memory 


Fax  805-964-9405 


www.networkhardware.com 

Network  Kaidw&e  Resale,  Inc. 

|  #244  @  www.networkworid.cont  Tnfoxpress  | 


Systems/Feotupes/Memory 


Also  Available:  Wellfieet.  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

m  S3X*  •  Fast  Defwvy  •  No  Expedite  Oarges 


COMSTAR,  INC. 

me  *1  Network  Remarketer 

612  ♦  835  •  5502 

Fax  S12-SS5-1?27  E-WailsalesecomstarimLcom 
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.comri 

CES  G*OUf 

specialists  in 
Year  2000 
telex  and  X.25 
solutions  worldwide 

1.800.270.2669  301.662.5901; 

www.nsgdata.com 
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WTli'kuiiUf: 


Utilizing  the  Cisco  MC3810  voice  router 


O  Thirteen  practical  voice  troubleshooting  and  hands-on  labs 
during  this  5-day  course 

O  Understand  echo  cancellation,  analog  testing,  digital 
signaling  and  digital  Bert  testing 

O  Learn  how  to  optimize  voice  technologies  over  Frame  Relay 
O  Classes  held  at  YITAL’s  Clearwater  Florida  training  center 

...  I ,  [.Y;-  -  f  -  ••=  .  -  '  ;  ■  •  ■  .;  •'  .  -■  . 

saw  cjoKKsu.5  Ca//  today  to  reserve  yoiir  seat  in  -the 

next  available  class.  Dial  1-800-475-3130 
or  register  on  our  web  site  at; 
www.vitafnetworkservices.com/trainitig/voke 
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VITAL 
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Purveyors  of  Networking  Hardware 


Cttti  Smiai 


t  Bay  Networks 


caaerRon 

systems 


oroteon  _ _  _ 

-  ■  A  | 

3S/nOplcs  mt0j 

SMC’  dkRobotics  «»chipcom 


BUY 

& 

SELL 

Quantity,  Reseller, 
Government  & 
Education,  Discounts 
available. 


LOWER  PRICES  THAN  THOSE  WAREHOUSE  GUYS I 


-  Lowest  Prices  on  Factory 
Fresh  Equipment 
+  Up  to  90%  OFF  Retail 
for  Refurbished  Items 
-♦-Huge  Inventory  of 
Legacy  Products 
+  Factory  Trained 

Consultants  on  Staff 

Fax  us  Your  Want  to  Sell  / 


-♦-Authorized 

Service  Center" 

♦  We  Also  Do  Repairi 
&  Exchanges 
4-Same  Day  Shipping 
on  Most  Items 
4- Same  Day  Delivery 
Via  Counter  Service 

Buy  Lists  @  516-293-5325 


l  L£['C  CUC  L L  \sLZ  £[\A=  LlTu/i  £li-Llli\Z  £LlC.[l[ZLLlC 
£  .-Lucueu  vS  \.C\.C\.U^,L^Ltl\.t:^LL.CC  LU 

A  Division  of  Ergonomic  Enterprises ,  Inc 

a 

c/yLL  U1 LL  [}\im  'i  f 

International  Calls:  001-1-516-293-5200  /  E-mail:  Sales@4IAriWAN.COM 


ba B  WWW.4LANWAN.COM,  Inc. 

A  Division  of  Ergonomic  Enterprises.  Inc. 

C.O.D.  I  miAJrir, rMWrn*  i  IdWIJWI jriMZVI  VimtiEl 


logos  are  registered  trademarks  of  the  companies  they  represent 
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BNETSYS,  Inc 

j  (800)  BNETSYS 
|  www.bnetsys.corn 
Cisar  CCIE,  CCNA,  CCNR  CCDA,  CCDP,  i 
Lab  Access  ow  tire  Internet 


Marcraft 

(800)  441-6006 
www.mic-inc.com/Aplus 
A+  Certification,  NET+  Cert., 
MCP,  Cabling,  Self-Paced,  CBT 


Cable  University 

(800)  537-8254 
www.CableU.net 

FREE  online  training  in  network 
cabling  installation  &  maintenance  I 


NCR  Customer  Education  j 

1  (800)  845-2273 

I  www.ncr.com/trainus 
I  Cisco,  MCSE,  NT  &  Networking, 
Training 


Certified  NetAnalyst 

(800)  645-8486 

WW.PlNEMOUNTAINGROUP.COM 
Protocol  &  Analyzer  Training 
|  Sniffer,  Fluke,  HP,  Shomiti 


j  Self  Test  Software 

(800)  244-7330 
I  www.stsware.com 
Practice  Tests  for  CISCO,  Novell, 
A+,  NET+,  All  Microsoft 


CrossTeds  NetOp  School  SW| 

1  (800)  675-0729 
j  www.CrossTec.Net 

|  Six  essential  tools  for  the  networked  | 
i  classroom.  Download  a  Free  Eval 


[TCIC 

(800)  322-2202 
I  www.tcic.com 

Voice,  Data,  ATM,  CCS7  plus  many 
more,  customization  &  devel.  avail. 


ForeFront  Direct 

(800)  475-5831 
I  www.ffg.com 
B  Computer  based  training  for 
*  the  I.T.  industry 


|  Transcender  Corporation 

(615)  726-8779 

1  www.transcender.com 
MCSE,  MCSD,  MCP  Exam 
Simulations 


Infotec 

(800)  700-TRAIN 
|  www.infotec.com/novell 
;  Novell  CNA,  CNE,  MCNE,NDS 


To  Place  Your 
Listing  Here 
Call  Enku  Gubaie 
at  1-800-622-1108 
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For  More  Information  About  Marketplace 

1-800-622-1108 


Bringing  Unix  to  Windows  Desktops 


For  Windows  95/98/NT 


stArnft 


C  O  tvt  h/l  U  M I C  /\TI  O  IS!  S 


Visit  us  at  www.starnet.com 


Download  Free  Demo  from: 

Itp://f1p.starnet.com/files/mb02/x-win413.exe 
LBX  Support  / 

Access  Security  > 

Multiple  Monitors  $1  75. 

Mouse  Wheel  Support 


Cut/Paste  to  Windows  Apps 
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A 


STOP 


For  more  information  on 
advertising  in  the  Marketplace, 
STOP  everything,  and  call  now! 

800-622-1108  ext. 7465 


Livingston  US  Robotics 

Ascend  ^AV  Micom 

.6  A 

-i?  Specialist  in  all  ^ 

^  Cisco  products  •J) 

(/)  including  Memory'  ^ 

O  w 


r  LAN/WAN  Products  _ 

^  /> 


V.  K* 

q  New,  Used,  Lease, 

SCom^Hf  Rent  ^  Codex 
Adtran  ^  ‘NO***'  Xylogics 
Motorola  Wellfleet 

We  carry  all  Manufacturers 


Millennium  Solutions  Group,  Inc. 


•Routers,  Bridges  ‘Frame  Relay 
•DSU/CSU’s  «Hubs,  Modems 

•Switches,  ATM  ‘Voice  over  Data 


We  Buy  and  Sell 

888-801-2001  Fax  (916)  630-2000 
Visit  our  Web  Site  at: 
http://www.millenniumsolutions.net 
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5^?  Bay  Networks  CaBLeTROQ 


The  Merged  Company  of  SynOptics  and  Wellfleet 


Cisco  Smsxs 


We  Stock  the  Largest  Inventory  of 
Refurbished  Bay  Networks  in  the  World! 


Novell. 


V  A 

at 


A/  * 


ijt 
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•  Bay  Networks  ESP  Trained 

•  Bay  Networks  Authorized 

•  Full  Product  Line 

•  New  &  Used,  Buy  &  Sell 


•  Proven  Track  Record 

•  Good  As  New  Warranties 

•  Repair  Services  Available 

•  Technical  Support 


MADCt 


Phone  801-377-0074 
Fax  801-377-0078 
1403  W.  820  N.  Provo,  UT  84601 


Visit  us  On  the  Web  @  www.nle.com 


National  LAN  Exchange 

888.89 1.4BAY  (4229) 


C.O.D's  Terms 


Fast  overnight  delivery 
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NETWORKING 


|  New  &  Used  Buy  •  Sell  •  Trade 


BAYNETWORKS 

NORTEL 


CISCO 


CABLETRON 


ASCEND/LUCENT 


3COM 


FORE  XYLAN 

www.  bizin  t.com 

NY  Office/USA  Sales:  Main  Olfice/lnl’l  Sail 

Tel:  (315)  458-9606  f  DI7I  Tel:  (978)  667-49 
Fax:  (3 15)  458-9493  Fax:(978)  663-0* 
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Cabletpon  Equipment 

GUARANTEED 


•  100%  factory  refurbished 

•  Only  factory-authorized  VAR 


•  30  day  hot  swap,  1  year  free  repair 
T*\^S**w  •  We  also  carry:  Bay  Networks, 


3Com,  Compex,  Cisco  &  more! 


8-663-33 


7/lETEK 

COMMUNICATIONS.  LM 


Vnetek  Communications,  LLC 
sales@vnetek.com  •  www.vnetek.com 

Brand  names  are  registered  trademarks. 
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— n  Save  up  to  80%  on  new/ used: 

NETFAST  >■  Routers  ►  Switches  >-  XDSL  ►  T1  CSU/DSUs 
- - "  >-  ATM  >•  Fast  Ethernet  >  ISDN  ►  Frame  Relay 


Cisci iSm  s 


WE  BUY  LID 


>  CISCO 

>•  Ascend 


>■  Lucent/Uvingston 
>•  3COM/USRobotics 


>  Nortel/Bay  Networks 
>•  Lorscom  >-  Cabletron 


>  ADC  Kentrox  ►  plex 

►  Newbridge  ►  tan 


'  www.digitalwarehouse.com 

DIGITAL  WAHIHOUSI 

Your  Information  Superhighway  Discount  Sourp re 


>  Paradyne 
>•  Motorola 


>•  Digital  Link  >  te 
>■  Network  Assoc.  ►  M 


Netfast  Communications  Inc.,  56-29  56th  Drive,  Maspeth,  NY  1 137 I 
Phone:  1-888-892-4726  or  718-894-7500  Fax:718-894- 
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DIAMETER  ADDRESSES 
RADIUS  FLAWS 


ou've  heard  of  RADIUS,  but  what  is  Diameter? 

RADIUS  is  a  protocol  to  authenticate  users  who  dial 
in  to  private  networks,  hence  its  full  name:  Remote 
Authentication  Dial-in  User  Service. 

Dial-in  network  access  servers  challenge  callers  for  user 
name  and  password,  which  are  checked  against  a  RADIUS 
server.  But  RADIUS  has  been  used  in  ways  in  which  it  was 
never  intended,  and  some  say  it  is  time  for  a  new  protocol. 

One  proposal  is  Diameter.  "[The  name]  Diameter  is  really  a 
joke  that  means  RADIUS  times  two,"  says  Pat  Calhoun,  a  Sun 
engineer  and  the  main  author  of  the  Diameter  draft  under  con¬ 
sideration  by  the  Internet  Engineering  Task  Force  (IETF). 

Diameter  can  offer  more  secure  authentication,  authorization 
and  accounting  than  RADIUS  in  some  cases,  Calhoun  says.  For 
instance,  ISPs  share  dial-up  points  of  presence  with  other  ISPs. 
That  way,  an  ISP's  customers  can  travel  from  country  to  country 
and  access  the  'Net  via  local  calls.  But  in  this  case,  RADIUS  has 
a  shortcoming  that  makes  Diameter  attractive. 

The  cooperating  ISPs  use  RADIUS  checks  to  ensure  that 
customers  are  authorized  to  use  the  distant  POPs.  Because  the 
local  network  access  server  issues  the  challenge  to  customers, 
the  local  ISP  that  takes  the  call  can  capture  valid  challenge  and 
response  exchanges.  Later,  that  ISP  could  use  those  valid 
exchanges  to  make  it  appear  that  customers  are  making  calls 
when  they  are  not.  Dishonest  ISPs  could  alter  accounting  that 
affects  the  bills  charged  for  roaming  Internet  access. 

Diameter  sets  up  a  challenge  and  response  between  a  cus¬ 
tomer  and  the  customer's  home  Diameter  server.  Intervening 
devices  don't  know  that  the  packets  include  authentication 
data.  Such  a  Diameter  server  could  reside  in  a  corporate  net  to 
handle  authentication  challenges  for  traveling  employees. 

Diameter  can  also  be  used  to  authenticate  and  authorize 
users  of  Code  Division  Multiple  Access  (CDMA)  wireless  data 
services.  Employees  using  portable  CDMA  devices  would  seek 
authorization  to  use  a  carrier's  CDMA  net.  The  request  would  be 
forwarded  to  a  Diameter  server  within  the  net  of  the  firm  paying 
for  the  service.  The  server  would  accept  or  reject  the  request. 

—  Tim  Greene 
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News 


Clamping  down  on  security 

Extensible  Authentication  Protocol  (EAP)  strengthens  security  for  remote  and  internal  LAN  clients 
by  expanding  authentication  options  for  remote  users  and  requiring  LAN  users  to  authenticate  to 
specific  switch  ports  before  gaining  access  to  the  network. 


Remote  user  with 
encryption  card 


VPN  link  over 
Internet 
or  dial-up  link 
over  PSTN 


Q  The  EAP  extension  to  PPP  allows  remote 
users  to  utilize  additional  authentication 
mechanisms,  such  as  token  cards,  smart 
cards,  Kerberos,  and  one-time  passwords, 
that  aren't  supported  by  PPP  alone. 


Remote  Access  Server, 
RADIUS  or  VPN  server 


LAN  switch 


fftrmitM 


hi 


Windows 

2000 

server 


Q  With  the  proposed  EAPOE  standard, 
authentication  mechanisms  can  secure 
physical  ports  within  a  building.  A  PC 
is  plugged  in  to  an  Ethernet  port  and 
must  authenticate  to  that  port  before 
data  can  be  passed. 


After  EAPOE  authenti¬ 
cation,  access  to  specific 
servers  and  network 
resources  is  still  limited 
by  user  rights  and 
network  policies  set  by 
system  administrators. 


EAPOE, 

continued  from  page  1 

networks  from  remote  sites. 
PPP  usually  employs  the  Pass¬ 
word  Authentication  Protocol 
(PAP)  or  Challenge  Hand¬ 
shake  Authentication  Pro¬ 
tocol  (CHAP)  to  communi¬ 
cate  with  Remote  Authen¬ 
tication  Dial-In  User  Service 
(RADIUS)  servers  to  validate 
users.  (To  learn  about 
Diameter,  a  proposed  authen¬ 
tication  service  that  builds 
upon  RADIUS,  see  story,  left). 

Microsoft  is  supporting 
EAP  in  its  upcoming  Windows 
2000  operating  system,  says 
Ron  Cully7,  lead  product  man¬ 
ager  for  Windows  network¬ 
ing.  EAP  will  help  users 
authenticate  dial-up  and  virtu¬ 
al  private  network  connec¬ 
tions  to  a  network  using 
a  variety  of  mechanisms 
beyond  PAP  and  CHAP,  includ¬ 
ing  smart  cards,  Kerberos  and 
one-time  passwords. 

APIs  in  the  works 

Microsoft  also  will  supply7  a 
set  of  EAP  APIs  in  Windows 
2000  that  let  independent 
software  vendors  create  new 
EAP  modules  for  clients  and 
servers.  The  API  can  be  used 
by  third  parties  to  incor¬ 
porate  such  authentication 
mechanisms  as  biometrics  or 
retinal  scans  into  Windows 
2000,  Cully  says. 

If  those  Windows  2000 
desktops  are  attached  to 
an  Ethernet  LAN,  EAPOE 
would  ostensibly  allow  users 
to  employ  such  authentica-  . 
tion  procedures  across  a 


company’s  internal  LAN.  By 
having  EAP  embedded  in 
the  operating  system,  users 
would  not  have  to  run  addi¬ 
tional  software  on  the  client 
or  modify  network  inter¬ 
face  card  (NIC)  driver  soft¬ 
ware  in  order  to  support 
EAPOE,  3Com  sayrs. 

When  a  Windows  2000 
client  requests  access  to  a 
server,  the  switch  to  which 
that  desktop  is  attached 
would  detect  a  connection 
attempt.  The  switch  would 
then  “tell”  the  authentication 
serv  er  about  the  new7  connec¬ 
tion  attempt. 

The  server  would  ask  the 
Windows  2000  desktop  sys¬ 
tem  to  validate  the  user.  The 
desktop  system  would  send 
the  user  profile  to  the  authen¬ 
tication  server,  and  the  user 
would  gain  access  to  the 
switch  port  —  and  the  target 
server  —  once  the  profile  was 
validated. 

Although  EAP  is  an  IETF 
standard.  EAPOE  is  being  pro¬ 
posed  within  the  IEEE 
because  Ethernet  is  an  IEEE 
802.X  standard.  The  802.1 
working  group  within  the 
IEEE  is  looking  into  the 
EAPOE  proposal. 

3Com  sees  need 

3Com  is  active  in  the 
EAPOE  effort  because  the 
company  is  the  leading  sup¬ 
plier  of  Ethernet  NICs. 

“Through  discussion  with 
a  number  of  our  partners  in 
the  educational  market,  we 
realized  that  there  was  a 
major  problem  in  securing 
network  connections,”  says 


Hamid  Karimi,  3Com  tech 
nical  marketing  manager 
"We  need  to  address  secur 
LAN  connections,  and  w< 
need  to  take  advantage  o 
user  identification.” 

Users  say  they  would  wel 
come  the  standard.  One  syb 
terns  administrator  at  a  finar 
cial  institution,  who  requesi 
ed  anonymity,  says  it  woul< 
be  nice  to  have  options  i 
he  began  looking  at  othe 
authentication  mechanism 
for  his  RADIUS  servers.  Th 
administrator  says  he  woui 
prefer  a  standard  way  o 
adding  those  mechanism 
rather  than  one  vendor’s  pn 
prietary  method. 

More  uses  possible 

3Com  has  been  using 
proprietary  technology  sim 
lar  to  EAPOE  since  199 
on  its  NICs  and  switche- 
Karimi  says.  In  addition  t 
securing  connections,  3Coi 
believes  EAPOE  will  be  us< 
ful  in  policy-based  networl 
ing  because  the  user  II 
aspects  of  the  technolog 
can  be  used  to  establish  pol 
cies  for  granting  networ 
resource  access. 

“If  you  know  who  th 
users  are  you  can  charg 
them  based  on  the  service 
thev  use  and  give  them  moi 
liquidity  in  accessing  r< 
sources  within  the  ente 
prise."  Karimi  says. 

The  EAPOE  group  wi 
meet  next  month  under  th 
auspices  of  the  IEEE  802 
working  group  to  formali; 
its  work  and  debate  propo 
als.  Karimi  says.  3 
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Start-ups, 

continued  from  page  1 

PricewaterhouseCoopers 
conducts  a  venture  capital  sur¬ 
vey  every  quarter  and  gives 
Network  World  the  exclusive 
on  network  results. 

For  enterprise  customers, 
the  record-setting  investments 
in  ’Net  technology  could  mean 
that  many  new  and  innovative 
products  and  services  will  be 
getting  to  market  in  the  next  12 
to  18  months.  Big  money  also 
means  that  start-ups  will  have 
the  financial  backing  necessary 
to  manufacture  and  support 
their  products. 


“Small  companies  like  Web- 
Line  are  offering  the  leading- 
edge  Web  technologies  that 
large  companies  need  and 
aren’t  getting  from  established 
vendors,”  says  Bob  Weinberger, 
vice  president  of  marketing  at 
WebLine  Communications,  a 
provider  of  Internet  customer 
service  software  in  Burlington, 
Mass.,  that  raised  $10  million 
last  quarter  (AW,  Aug.  16,  page 
10).  “It’s  vital  to  us  to  have 
access  to  capital  because  it 
assures  customers  that  we  re 
rock  solid  in  terms  of  our 


future  financing.” 

Most  network  invest¬ 
ments  made  last  quarter 
were  tied  to  the  ’Net  either 
directly,  as  in  funding  for 
ISPs  or  companies  develop¬ 
ing  electronic  commerce 
software,  or  indirectly,  as  in 
vendors  building  high-pow¬ 
ered  gear  needed  to  accom¬ 
modate  Internet  traffic.  “At  least 
$2  billion  of  the  $3,184  billion 
invested  in  networking  is 
directly  or  indirectly  influenced 
by  the  Internet,”  says  Kirk 
Walden,  national  director  of 
venture  capital  research  for 
PricewaterhouseCoopers. 

Network  vendors  expect  the 


investment  community’s  inter¬ 
est  in  Internet-related  deals  to 
remain  strong. 

“The  venture  capital  commu¬ 
nity  is  realizing  just  how  big  the 
Internet  opportunity  is,”  says 
Dave  Zwicker,  vice  president  of 
marketing  at  Indus  River  Net¬ 
works,  an  Acton,  Mass.-based 
virtual  private  network  supplier 
that  raised  $  1 4  million  last  quar¬ 
ter.  “All  the  networking  compa¬ 
nies  that  have  some  role  in  pro¬ 
viding  either  access  to  the  Inter¬ 
net  or  in  products  for  building 
business-grade  communications 


environments  over  the  Internet 
are  benefiting  from  that." 

Driven  by  the  popularity  of 
the  Internet,  network  invest¬ 
ment  increased  the  most  of  any 
category  in  the  study,  which 
tracks  quarterly  venture  capital 
funding  in  all  industries. 

Over  the  past  several  quar¬ 
ters,  venture  capital  invest¬ 
ments  in  Internet-related  com¬ 
panies  have  continued  to  set 
new  records.  For  the  first  half 
of  this  year,  network-related 
investments  reached  $5.56  bil¬ 
lion,  compared  to  a  total  invest¬ 
ment  of  $5.3  billion  during  all 
of  1998.  The  average  invest¬ 
ment  per  network  company  is 
also  up,  from  about  $8  million 
last  quarter  to  over  $  10  million 
this  quarter. 

“It  used  to  be  that  $10  mil¬ 
lion  was  a  lot,  but  now  we’re 
not  seeing  many  deals  under 
that,”  says  Steve  Meisel,  a  part¬ 
ner  with  Pricewaterhouse- 
Cooper’s  Networking  Commu¬ 
nications  group. 

The  biggest  deal  of  the  quar¬ 
ter  was  a  $128  million  invest¬ 
ment  in  VIA  Net  Works,  a 
Reston,Va.,  ISP  that  serves  Latin 
America  and  Europe. 

One  technology  that  contin¬ 
ues  to  benefit  from  venture 
capital  investment  is  wireless 
communications.  A  total  of  17 
wireless  companies  received 
$226  million  in  funds  to  devel¬ 
op  wireless  services  ranging 
from  broadband  to  video-over¬ 
wireless  to  wireless  Internet 
appliances.  The  largest  wireless 
investments  were:  $91  million 
in  Metawave  Communications, 
a  Redmond,  Wash.,  provider  of 
spectrum  management  systems 
for  wireless  service  providers; 
$24  million  in  Wavtrace  of 
Bellevue,  Wash.,  which  devel¬ 
ops  point-to-multipoint  wire¬ 
less  broadband  access  systems; 
and  $20.4  million  to  Time 
Domain  Corp.  of  Huntsville, 
Ala.,  for  investment  in  its  ultra- 
wideband  wireless  technology. 

David  Hathoway,  managing 
general  partner  with  Venrock 
Associates,  says  wireless  ven¬ 
tures  are  getting  so  much 
money  because  they  need  to 
cover  the  costs  of  building  an 
infrastructure  capable  of  han¬ 


dling  a  growing  number  of 
voice  subscribers  as  well  as 
new  data  services.  Venrock 
is  an  investor  in  Metawave. 

“We’re  already  seeing 
carriers  and  companies 
looking  at  wireless  as  an 
alternative  to  wireline,” 
Hathoway  says,  adding  that 
Venrock  is  investing  in 
wireless  component,  equip¬ 
ment  and  service  providers. 
“We  expect  the  investments  in 
wireless  to  be  ongoing  for  the 
next  couple  of  years.” 

Another  hot  area  for  invest¬ 
ment  was  digital  subscriber  line 
(DSL)  technology.  Among  the 
DSL  firms  that  raised  money  last 
quarter  were:  DSL.net,  a  New 
Haven,  Conn.,  provider  of  DSL 
services  to  smaller  cities  that  re¬ 
ceived  $40  million;  Jato  Com¬ 
munications,  a  data  communica¬ 
tions  DSL  provider  from  Den¬ 
ver,  that  received  $20  million; 
and  New  Edge  Networks,  a  Van¬ 
couver,  Wash.,  DSL  carrier  that 
received  $15.3  million.  Overall, 
11  DSL  companies  received  a 
total  of  $189  million. 

William  Seifert,  a  general 
partner  with  Prism  Venture 
Partners,  says  the  investment 
community  is  funding  all 
emerging  broadband  access 
technologies,  including  DSL 
and  cable  modems. 

“It’s  not  clear  which  technol- 


3Com, 

continued  from  page  6 

time.  Traffix  Manager  3-0 
client  packages  are  written  in 
the  Java  Runtime  Environ¬ 
ment  1.2  language,  which  is 
intended  to  foster  a  more 
dynamic,  real-time  graphical 
depiction  of  the  status  of  the 
network. 

Java  helps 

These  Java  clients  also  con¬ 
tribute  to  the  software’s  ease- 
of-use  enhancements.  The 
Traffix  Manager  30  user 
interface  makes  it  easier  for 
users  to  spot  the  most  con¬ 
versant  clients  and  servers  on 
the  network  and  to  get  a 
quick  look  at  traffic  volume 
and  other  network  activity. 

The  software  also  features 
start-up  and  discovery  wiz¬ 
ards  that  help  ease  installa¬ 
tion  and  data  collection, 
3Com  says. 

To  help  track  mobile  users, 
Traffix  Manager  3.0  supports 
DHCP  servers.  DHCP  servers 
dole  out  IP  addresses  from  a 
pool  of  available  addresses  for 


ogy  is  going  to  win,”  he  say  • 
“DSL  is  just  one  bet  to  place 

Prism  is  an  investor  in 
DSL.net,  wliich  plans  to  go  pub¬ 
lic  soon. 

Six  firms  with  products  that 
integrate  voice  and  data  ovc  - 
the  Internet  also  were  targeted 
for  investment,  receiving  a  total 
of  $63-3  million.  The  largest 
investments  in  this  area  were 
$15.5  million  received  by  In¬ 
tegral  Access,  a  maker  of  packet- 
based  telecommunications  ac¬ 
cess  systems  based  in  Chelms¬ 
ford,  Mass.,  and  $14.3  million  re¬ 
ceived  by  MSHOW.com,  a 
provider  of  telephone  services 
over  the  ’Net  in  Littleton,  Colo. 

Another  area  for  investment 
was  business-to-business  elec¬ 
tronic  commerce  sites  and  ser¬ 
vices.  For  example,  Center- 
beam,  a  Santa  Clara,  Calif.,  pro¬ 
vider  of  Internet  services  for 
small  businesses,  received  $20 
million  in  its  first  round  of 
funding. 

Other  start-ups  in  this  area 
that  received  seed  funding 
were  Branders  of  San  Mateo, 
Calif.,  which  received  $2  mil¬ 
lion,  and  Conduit  of  Mountain 
View,  Calif.,  which  received 
$1.3  million.  S 
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users  who  are  on  the  go  but 
need  access  to  the  corporate 
network.  Traffix  Manager  3  0 
tracks  the  network  activity  of 
these  users  by  identifying 
them  via  their  media  access 
control  address,  not  the  IP 
address. 

For  increased  scalability, 
Traffix  Manager  3  0  features 
DNS  aggregation,  wTiich 
groups  servers  with  the  same 
name  together  as  if  they  were 
one  network  device.  This 
increases  scalability7  by  free¬ 
ing  more  space  in  the  Traffix 
Manager  database  because 
information  on  multiple 
devices  is  stored  as  if  it  were 
from  one  device  with  a  com¬ 
mon  name. 

One  drawback  of  Traffix 
Manager  3.0  is  the  CPU 
power,  memory  and  disk 
space  it  requires. 

“Don’t  go  cheap  on  horse¬ 
power;  you’re  going  to  need 
it,”  cautions  Oklahoma  State’s 
White. 

Traffix  Manager  3  0  costs 
$9,995  and  will  ship  in 
September. 

3Com:  w^wwv^com.com 


Steady  growth 

Venture  capital  funding  for  network  companies,  and  the  number 
of  network  companies  receiving  funding,  have  increased  signifi¬ 
cantly  over  the  past  year. 

Dollars  (in  billions)  Number  of  companies 
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SOURCE:  PRICEWATERHOUSECOOPERS  QUARTERLY  VENTURE  CAPITAL  SURVEY 


Raking  it  in 

The  top  10  network  hardware,  software  or  service  companies 
receiving  venture  capital  funding  in  02 1999: 


Company 

Funds 

(in  millions) 

Description 

VIA  Net  Works 

$128 

International  Internet  services. 

Metawave 

Communications 

$91 

Spectrum  management  for 
wireless  services. 

Digital  Broadcast 
Network 

$40 

Network  and  data  management 
platform. 

DSL.net 

$40 

Provider  of  DSL  services  to 
smaller  cities. 

Cobalt  Networks 

$36.3 

Network  communication  and  applications. 

NetZero 

$33.3 

Free  ISP. 

Visto 

$31 

Web-based  groupware. 

Vertical  Networks 

$30 

Telephony  and  data  access  products. 

Digital  Entertain¬ 
ment  Networks 

$26 

Video  streaming  services  for  the 
Internet. 

Commerce  One 

$25 

Real-time  interbusiness  e-commerce. 

Q2'98  03  98  Q4'98  Q1'99  Q2'99 
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The  Clueless  Brain  Manifesto 


“A  powerful  global  conversation 
has  begun.  Through  the  Internet, 
people  are  discovering  and  invent¬ 
ing  new  ways  to  share  relevant 
knowledge  with  blinding  speed.  As 
a  direct  result,  markets  are  getting 
smarter  —  and  getting  smarter 
faster  than  most  companies.” 

—  Argumentative  introduction 
to  the  Cluetrain  Manifesto 
(www.cluetrain.com) 


MARK 

GIBBS 


Earlier  this  year,  a  group  of  guys 
put  up  a  Web  site  .  The  site  put 
forth  the  notion  that  the  Internet 
has  changed  the  nature  of  markets, 
and  companies  in 
general  don’t  get  it. 

Of  course,  like  all 
good  pundits,  they 
have  the  solution. 

Their  solution  is 
embodied  in  “The 
Cluetrain  Manifesto.” 
The  name  is  derived 
from  their  belief  that 
companies  need  to 
get  a  clue. 

The  brains  behind 
this  are  Rick  Levine, 
Web  architect  for 
Sun’s  Java  Software  group;  Doc 
Searls,  senior  editor  for  Linux 
Journal;  David  Weinberger,  editor 
of  the  Journal  of  the  Hyperlinked 
Organization;  and  Christopher 
Locke  aka  Rageboy,  editor/pub¬ 
lisher  of  Entropy  Gradient 
Reversals. 

The  Cluetrain  diatribe  starts 
with  the  above  quote  and  goes  on: 
“Most  corporations,  on  the  other 
hand,  only  know  how  to  talk  in 
the  soothing,  humorless  monotone 
of  the  mission  statement,  market¬ 
ing  brochure  and  your  call  is 
importany  to  us’  busy  signal.  Same 
old  tone,  same  old  lies.  No  wonder 
networked  markets  have  no 
respect  for  companies  unable  or 
unwilling  to  speak  as  they  do.” 

Nothing  but  the  same  old  pinko 
rhetoric.  1  can  just  see  the  authors 
hunkering  down  beside  their  delu¬ 
sions  waiting  for  the  black  heli¬ 
copters  to  take  them  away. 

Anyway,  the  ringleaders  man¬ 
aged  to  attract  a  slew  of  signato¬ 


ries  to  jump  on  board  the  Clue¬ 
train  with  a  lemminglike  willing¬ 
ness  to  stand  up  and  be  counted 
amongst  the  digerati  riding  the 
rails  of  righteousness.  You  can  see 
their  comments  on  the  site,  but 
what  a  lot  of  posturing!  You  get 
the  feeling  that  you’ve  just  wan¬ 
dered  into  a  party  full  of 
wannabes  playing  the  “I’m  as  hip 
as  you”  game. 

As  you  explore  the  site  — 
which  I  encourage  you  to  do  — 
you  will  find  that  it  kind  of  makes 
sense.The  central  argument  that 
companies  must  adapt  to  the  new 
dynamics  of  interacting  with  peo¬ 
ple  online  is  a  sound,  if  somewhat 
obvious,  statement.  However,  the 
Wall  Street  Journal  referred  to 
Cluetrain  as  “absolutely  brilliant,” 
and  InfoWorld  declared:  “Reading 
this  manifesto  . . .  was  like  getting 
hit  on  the  head  with  a  Zen  stick.”  I 
think  that  whoever  wrote  those 
comments  should  get  out  more. 

Where  I  find  myself  jumping  off 
the  train  is  in  the  95  theses  (for 
the  gods’  sake,  95!)  that  are  the 
heart  of  the  Manifesto.  Let’s  look  at 
the  first  thesis:  “Markets  are  con¬ 
versations.”  OK,  but  that’s  more  a 
philosophical  than  useful  axiom. 

Thesis  No.  2: “Markets  consist  of 
human  beings,  not  demographic 
sectors.”Yuck.  Do  you  see  some 
disjointed  thinking  here?  If  there’s 
something  improper  about  group¬ 
ing  people  into  sectors,  then  isn’t 
lumping  them  into  a  “market”  an 
equally  egregious  crime? 

The  theses  go  on  in  the  same 
vein  but  never  really  address  the 
key  issue  of  the  relationship  be¬ 
tween  people  and  the  companies 
that  want  their  attention.  That 
issue  concerns  value.  Sure,  Clue¬ 
train  mentions  the  word  “value”  in 
a  few  theses  but  not  as  a  key  con¬ 
cern  in  the  relationship  between 
companies  and  people.  I  would 
argue  that  most  of  the  95  theses 
read  more  like  socialist  rhetoric 
than  reasoned  business  analysis. 

Missing  from  Cluetrain  is  the 
need  to  understand  the  concept  of 
the  exchange  of  equivalent  value. 
Next  week,  I’ll  discuss  this  idea 
and  what  it  means  to  businesses.  If 
a  Cluetrain  ringleader  or  signatory 
doesn’t  assassinate  me  first. 

Value  judgments  to  nwcol- 
umn@gibbs.com 


Rooting  for  AT&T  strikes  me  as 
tantamount  to  cheering  for  the 
Yankees,  or,  worse  yet,  Microsoft.  Buzz  is 
usually  an  underdog  guy  (read:  hopelessly 
delusional  Red  Sox  fan). 

So  you'll  have  to  forgive  me  for  applaud¬ 
ing  last  week's  decision  by  the  Federal 
Communications  Commission  to  back  AT&T's 
attempts  to  stop  meddlesome  local  govern¬ 
ments  from  regulating  cable  Internet  access. 

The  FCC  filed  a  brief  supporting  AT&T's 
appeal  of  a  judge's  ruling  that  blessed  an 
edict  by  Portland,  Ore.,  authorities  forcing 
AT&T  to  open  its  cable  network  to  rival  ISPs. 

The  FCC  argues  it's  too  early  in  the  evolution  of  broadband  for  any 
mandated  open  access  and  —  perhaps  more  important  —  only  the 
FCC  should  decide  the  particulars  of  such  regulation  when  it's  time. 

The  FCC  couldn't  be  more  correct,  even  if  its  opinion  does  put  a 
smile  on  the  face  of  AT&T  CEO  C.  Michael  Armstrong. 

Here's  why:  While  it’s  wise  to  be  wary  of  Washington  regulators 
and  self-serving  corporate  behemoths  such  as  AT&T,  it's  even  wiser  to 
be  scared  silly  of  all  the  would-be  do-gooders  in  Portland,  Peoria  and 
Podunk. 

Everyone  knows  that  it  was  Massachusetts  congressman  and 
Speaker  of  the  House  Tip  O'Neill  who  said,  "All  politics  is  local." 

What's  not  so  well  known  is  that  O'Neill  finished  that  famous 
thought  by  adding,  "So  never  let  local  politicians  get  involved  with 
anything  as  critical,  complex  and  potentially  corrupting  as  the  regula¬ 
tion  of  Internet  access." 

OK,  O'Neill  never  said  any  such  thing,  primarily  because  he  lost  a 
tough  re-election  battle  to  the  Grim  Reaper  back  in  1994.  But  were  he 
alive  today  and  caught  in  a  moment  of  candor,  even  ol'  Tip  might  be 
backing  AT&T  on  this  one. 


TixToGo.com  wants  to  give  you  a  new  Porsche  Boxster. 

In  return,  all  you've  got  to  do  is  give  this  San  Francisco-based  start¬ 
up  a  better  name  than  "TixToGo.com." 

Sounds  simple  enough.  But  as  anyone  who  has  recently  played  the 
e-business  naming  game  will  attest,  paying  for  that  Porsche  might 
actually  be  easier. 

TixToGo.com  is  a  Web  site  that  bills  itself  as  a  "marketplace  for  activ¬ 
ities."  What  that  means  is  it  helps  event  planners  with  online  ticketing, 
credit  card  payments,  registration,  group  memberships  and  the  like. 

But  rather  than  hire  a  naming  consultant  for  megabucks,  TixToGo 
executives  decided  to  dangle  a  sports  car  in  front  of  the  masses  in  a 
"rename  that  company"  contest. 

Buzz  drives  a  rapidly  deteriorating  8-year-old  Toyota  and  fancies 
himself  the  creative  sort,  so  what  the  heck?  Let's  see  what  20  minutes' 
worth  of  company  time  comes  up  with  here: 

My  first  idea  —  YourEvent.com  —  is  already  registered. 

My  backup  idea  —  EventPlanner.com  —  is  already  taken. 

My  emergency  backup  idea  —  MainEvent.com  —  already  taken. 

Last  one.  How  about  EventCentral.com?  Taken.  Notice  a  trend  here? 

My  futility  is  probably  just  as  well,  given  that  I  have  never  learned  to 
operate  a  stick  shift,  much  to  the  chagrin  of  Mrs.  Buzz,  a  former  auto 
review  writer. 


PAUL 

MCNAMARl 


The  Associated  Press  last  week  ran  a  puffy  story  about 
TotallyFreeStuff.com,  a  Canadian  entrepreneur's  Web  site  that  offers 
. . .  well,  you  can  figure  that  out  for  yourself. 

Visit  TotallyFreeStuff.com  and  you'll  find  links  to  other  sites  that 
offer  free  e-mail,  free  screen  savers,  free  online  magazines  and  a  host 
of  other  mundane  items. 

No  one's  giving  away  a  Porsche,  and  the  stuff  is  totally  free  crap. 

Moral  to  the  story:  You  get  what  you  pay  for,  even  on  the  Internet. 

No  Porsches  here,  either.  Gratitude  will  be  your  only  reward 
for  sending  Internet  news  tips  and  gossip  to  McNamara  at  508- 
820-7471  or  buzz@nww.com. 
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10/100  etherjet  adapter  cards. 

Enhance  overall  performance. 

profiles  with 

lets  you  record  and 

(13.7"  vis)  to  flat  panel,  are 

Now  your  PCs  are  linked 

32-256mb,  lOOmhz 

IBM  options. 

transport  650mb  of  data. 

guaranteed  compatible. 

throughout  the  network. 

non-parity  sdram. 

build.to  suit 


iBM 


PROCESSOR 


pentium®/// 


•Estimated  reseller  prices  tor  models  PC  300GL  6287-43U  (CPU)  and  65460AN  (monitor)  and  PC  300PL  6862-34U  (CPU)  and  65460AN  (monitor).  Actual 


V  '  va  ab  e  o  ai  additional  charge  mtu  denotes  microprocessor  inlernal  clock  speed,  other  lactors  may  also  ailed  application  pertormance.  gb=1  billion  bytes  lor  HOD  capacity.  PCs  referenced  In  this  ad  include  an  operating  system.  IBM  product  names  are  trademarks  ol  International  Business  Machines  Corporation.  Intel,  the  Intel  Inside  logo  and  Pentium  are  registered  trademarks  and  Celeron  is  a  trademark  ol  Intel  Corporation,  ©  1999  IBM  Corp.  All  rights  reserved. 


PC300PL  %■ 


0 

o 

’C 

a 


from 

$1,229* 


a 


Integrated  Intel  10/100  ethernet  /  3D  AGP  graphics  standard 
Pefitium*  III  processor  up  to  600mhz  withlOOmhz  bus  speed 


(©business  tools 


’  “  - - - - p7*s — e - - - — - - - - 

Can  you  be  everywhere  at  once?  Build  a  network  of  PCs  that  tell  you  when  there's  a  problem  -  even  when  they're  off.  A  network  that  uses  tools  like  Alert  on  LAN  A  network 

you  control  remotely  from  any  location  via  the  web.  A  network  of  300PLs.That  would  make  you  all-powerful  indeed,  www.ibm.com/ibmpc  or  call  800  426  7255,  code  pc160 
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PC  300GL  %■ 


<©> 


usiness 


tools 


from 

$978 


Intel"  Celeron '  processor  400mhz  /  4  slots 
4  bays  /  up  to  256mb  sdram  /  up  to  13.5gb  hdd 


The  PC  300GL.  It’s  big  relief  for  users  (no  more  slow,  old  pc's).  It's  big  relief  for  IS  staff 
(heavy-duty  network  management  features).  It's  relief  for  finance  (very,  very  affordable). 
Could  it  be  all  things  to  all  people?  www.ibm.com/ibmpc  or  800  426  7255,  code  pc160 


